saml-nameid.xml - Multiple c:candidate Values

Donald Lohr lohrda at jmu.edu
Thu Sep 1 15:26:34 UTC 2022 

<bean parent="shibboleth.Conditions.RelyingPartyId" 
c:*candidates*="#{{'????????', '????????', '????????'}}" />

On 9/1/22 9:19 AM, Jason Rotunno via users wrote:
> *CAUTION: *This email originated from outside of JMU. Do not click 
> links or open attachments unless you recognize the sender and know the 
> content is safe.
> ------------------------------------------------------------------------
> If I need to use a custom value or a different NameID format for a 
> particular SP, I add it to saml-nameid.xml similar to this (depending 
> on the SP's requirements):
>
>             <bean parent="shibboleth.SAML2AttributeSourcedGenerator"
>     p:format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
>                 p:attributeSourceIds="#{ {'bannerNameID'} }">
>                 <property name="activationCondition">
>                     <bean
>     parent="shibboleth.Conditions.RelyingPartyId"
>     c:candidate="https://v1-identity.dudesolutions.io/sso/saml2/metadata
>     <https://urldefense.proofpoint.com/v2/url?u=https-3A__v1-2Didentity.dudesolutions.io_sso_saml2_metadata&d=DwMFaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=dPtRC8yRz6LF-Bj2yzRVobIhIyl1YL_KhyV4alq_-49Zk2jMsZ2AMVjCeR2hXtAD&s=AH1tYYN8MYwJZjIAM_7MCAkqZKVBOdWU0e_o5viU8sE&e=>"
>     />
>                 </property>
>             </bean>
>
>
> Is there a way to include multiple values for c:candidate so that I 
> don't have to create a new bean for each SP that has the same requirement?
>
> -- 
> Jason Rotunno
> System & Security Administrator
> Swarthmore College
> 500 College Ave
> Swarthmore, PA 19081
> 610.328.8505
> *VERIFY before you click!!*
>    - Attackers make their emails look like they come from someone they don't.
>    - Attackers make links look like they go to websites they don't.
>    - Attackers disguise malware as receipts, invoices, faxes, etc.
> Forward suspicious emails tophishing at swarthmore.edu.
>

-- 
D o n a l d   L o h r
I n f o r m a t i o n   S y s t e m s
J a m e s   M a d i s o n   U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220901/fe810869/attachment.htm>

More information about the users mailing list