getting desired value into nameID
Les LaCroix
llacroix at carleton.edu
Fri Oct 7 00:10:43 UTC 2022
This sounds a bit like I was seeing the other week. My problem was a
nameIDFormatPrecedence defined in my DefaultRelyingParty bean. Any format
that's in metadata is filtered out if it's not in that list. The only
solution that was suggested in that thread is that a relying party override
was needed.
-Les
<http://www.carleton.edu/>
*Les LaCroix '79*
Strategic Technologist
Information Technology Services
t: (507) 222-5455
On Thu, Oct 6, 2022 at 7:02 PM IAM David Bantz via users <
users at shibboleth.net> wrote:
> Yes I’ve run these 3 variations:
>
> - all 4 policies
> - no policies
> - only the emalAddress policy
>
>
>
> On 06Oct2022 at 15:58:52, "Mak, Steven" <makst at upenn.edu> wrote:
>
>> For an easy test, remove the other NameIDPolicies in the SP metadata so
>> only emailAddress is remaining.
>>
>>
>>
>> Then just make sure the logic of your resolver config allows the release
>> of some attribute that can fulfill that policy to that service.
>>
>>
>>
>> - Steve
>>
>>
>>
>> *From: *IAM David Bantz <dabantz at alaska.edu>
>> *Date: *Thursday, October 6, 2022 at 7:55 PM
>> *To: *Mak, Steven <makst at upenn.edu>
>> *Cc: *Shib Users <users at shibboleth.net>
>> *Subject: *Re: getting desired value into nameID
>>
>> I’m debugging the config against the resolver exerciser and unsolicited
>> request, so no normal incoming SAML request.
>>
>>
>>
>> David
>>
>>
>>
>> On 06Oct2022 at 15:42:58, "Mak, Steven" <makst at upenn.edu> wrote:
>>
>> Double check the SAML request that is coming in. If it is stating
>> something like NameIDPolicy > unspecified + Exact, then that may be why you
>> are having trouble.
>>
>>
>>
>> - Steve Mak
>>
>>
>>
>> --
> For Consortium Member technical support, see
> https://shibboleth.atlassian.net/wiki/x/ZYEpPw
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20221006/c9e30635/attachment.htm>
More information about the users
mailing list