Azure AD Connector from IDP v4.1 - canonicalization failure
Cantor, Scott
cantor.2 at osu.edu
Tue Aug 30 18:56:38 UTC 2022
> We just want a user identifier from Azure.
Then most of that is totally unnecessary, start over, and look at the attribute-sourced c14n docs and properties. No need for anything in the resolver whatsoever.
https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631602/AttributePostLoginC14NConfiguration
idp.c14n.attribute.resolveFromSubject = true
idp.c14n.attribute.resolutionCondition = shibboleth.Conditions.FALSE
idp.c14n.attribute.attributeSourceIds = whateverId
Should be all that's needed other than making sure the input data is getting decoded by the registry.
-- Scott
More information about the users
mailing list