Weird issue with SAML-NAMEID.xml
Cantor, Scott
cantor.2 at osu.edu
Mon Jun 6 12:07:06 UTC 2022
On 6/3/22, 9:26 PM, "users on behalf of Baron Fujimoto" <users-bounces at shibboleth.net on behalf of baron at hawaii.edu> wrote:
> While the documentation may not suggest using generator beans and activation conditions (or other non
>-metadata alternatives), it also, at least as far as I've encountered, does not obviously point you to a metadata
> filter as a best practice for these sorts of situations.
I beg to differ but obviously this is subjective insofar as the fact that it's directly mentioned doesn't mean people see it or read it.
It's in Step 5 on the relevant page.
https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631672/CustomNameIDGenerationConfiguration
Using the relying-party override approach is fine if it's what people prefer, that's not the issue I was warning against, and doesn't lead to any use of an activation condition.
-- Scott
More information about the users
mailing list