Storing persistentId using an HTTP DataConnector

Cantor, Scott cantor.2 at
Fri Oct 28 15:42:48 UTC 2022

>    Hi, Of course it's only a part of the process.

What process? If you don't explain what your goal even is, it's hard to say what is or isn't possible.

> I am migrating an IdP3, and in our running legacy installation we have : 

Your only obvious problem is that you're using a deprecated attribute encoder that produces NameID values inside an Attribute. That ideally should be replaced with a persistent NameID generation strategy, which is a different thing entirely.

But in terms of upgrading, you don't have to do much of anything, it's not going to break. If you upgrade of course. Upgrades are done in place.

>    According to what I have read here...

That is for generating persistent NameIDs, i.e. NOT what you're currently doing. NameIDs and Attributes are not the same thing. Putting a NameID inside an AttributeValue is also not the same thing as generating a NameID in the assertion subject.

If what you want to do is migrate to generating a NameID alone using the same values/strategy as before, you don't have to do anything more than get rid of the AttributeDefintion, and set a property appropriately so that persistent NameIDs will be based on the appropriate underlying IdPAttribute coming out of your StoredID connector ("persistentID" in your case).

-- Scott

More information about the users mailing list