Cunfigure eduPersonTargetedID shibboleth Idp windows 3.4
Peter Schober
peter.schober at univie.ac.at
Wed Sep 22 09:24:13 UTC 2021
* Aisha Al Fudhaili <aisha at omren.om> [2021-09-22 08:15]:
> I want to release eduPersonTargetedID for eduroam monitor
eduPersonTargetedID is deprecated and should be avoided where
possible. I'm aware that the eduroam monitor still uses it but it
doesn't require eduPersonTargetedID specifically:
Since 2018 the eduroam monitor or CAT also accepts SAML PairwiseID or
SAML Subjectid, the new(er) SAML Standard Identifiers.
(I know because I've worked with Miro and Dubravko to get this to work.)
So instead of trying to add support for something that should no
longer be used why not add support for what's increasingly going to be
used in many SPs?
But even when using PairwiseID instead of eduPersonTargetedID you'd
still have to fix the dependency (InputDataConnector or
InputAttributeDefinition) on your "ComputedId" DataConnector as I
previously wrote.
If my explanation was not clear please ask and I can try again.
(Short version: You need to have a user-specific attribute that is
different for every subject using yor IDP and use *that* as input to
the "ComputedId" DataConnector. Not a static attribute value that's
the same for everyone.)
-peter
More information about the users
mailing list