shibboleth-dev - NameQualifier
Subject: Shibboleth Developers
List archive
- From: Tom Scavo <>
- To: Shibboleth Development <>
- Subject: NameQualifier
- Date: Wed, 20 Apr 2005 17:48:16 -0400
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=dTHuW+Bg9b4Yn27/q5l5TCVJCRnxR0sV4mgl5sqWDePxewAXTSfwRKKQpvn/TRSHhgIs6ymDrXzmm8jcPxDHyZsVMnCpnpywaLu+IqyKaH/RYkq5eXfmT0efLoIkv//lNDsiA9c/lVeWqfJRVsUOCe5Rx0NgihB9ccJKrzxoddA=
I'm trying to implement a name mapping plugin, a somewhat more
generalized version of X509SubjectNameNameIdentifierMapping. The
latter requires a qualifier attribute in the NameMapping config
element, while other plugins utilize a method called verifyQualifier
defined in BaseNameIdentifierMapping that examines the NameQualifier
attribute of the NameIdentifier element. I've always wondered about
this disconnect, but I ignored it and forged ahead.
Now I've tried to remove the dependency on the qualifier attribute
with no success. For some reason, at the time the NameIdentifier
object is created, the IdP providerId (the usual value of
NameQualifier) is not available to the plugin. I don't know why this
is.
So I guess my first question is why is there a qualifier attribute in
this one case? Second question is why is the IdP providerId null in
this case? (I suspect the questions are related.)
Thanks,
Tom
- NameQualifier, Tom Scavo, 04/20/2005
- Re: NameQualifier, Walter Hoehn, 04/29/2005
- Re: NameQualifier, Tom Scavo, 04/29/2005
- Re: NameQualifier, Walter Hoehn, 04/29/2005
Archive powered by MHonArc 2.6.16.