Upgrade from v4.0.1 to v4.2.1 - InvalidNameIDPolicy

Nilan Morjaria-Patel N.Morjaria-Patel at soton.ac.uk
Wed Jun 22 08:54:35 UTC 2022

Hi Scott,

So https://play01982.soton.ac.uk/shibboleth is the entityID of a test SP. Swapping out the upgraded IDP for a non-upgraded IDP and it works fine, no InvalidNameIDPolicy error. So something I have missed in the Release notes that causes this perhaps? Any tips to diagnose, perhaps put into debug?


From: Cantor, Scott <cantor.2 at osu.edu>
Sent: 21 June 2022 13:02
To: Shib Users <users at shibboleth.net>
Cc: Nilan Morjaria-Patel <N.Morjaria-Patel at soton.ac.uk>
Subject: Re: Upgrade from v4.0.1 to v4.2.1 - InvalidNameIDPolicy

CAUTION: This e-mail originated outside the University of Southampton.

On 6/20/22, 10:08 AM, "users on behalf of Nilan Morjaria-Patel via users" <users-bounces at shibboleth.net on behalf of users at shibboleth.net> wrote:

>    As stated in the subject I have just attempted to upgrade one of our dev Shibb IDP servers, however I now
> get the following in idp-warn.log:

There's nothing about an upgrade that suddenly makes a NameIDPolicy show up. That's the SP's choice.

>    It appears the SP is requesting urn:oasis:names:tc:SAML:2.0:nameid-format:transient.

It doesn't appear that way at all, it's requesting persistent.

-- Scott

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220622/31ee8c45/attachment.htm>

More information about the users mailing list