Shibboleth Developers

["Scott Cantor" <>]

> ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
>       AssertionConsumerServiceURL="https://sp.org/SAML2/SSO/Artifact";
>       ProviderName="My Service Provider">

These three attributes are probably in the category of "rarely used", so
maybe don't make the best examples.

>       <samlp:NameIDPolicy 
>         AllowCreate="true"  
> Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
>     </samlp:AuthnRequest>

Similarly, I suspect using AllowCreate with anything but persistent is
probably also rare. It's not nonsensical, it's just kind of a competing set
of deployment considerations.

-- Scott