shibboleth-dev - Re: beta idp nameidentifier
Subject: Shibboleth Developers
List archive
- From: Will Norris <>
- To:
- Subject: Re: beta idp nameidentifier
- Date: Wed, 26 Sep 2007 08:33:40 -0700
ahh, right. It only works one direction right now... it can create an opaque NameIdentifier, but it can't resolve it back to a principal name for doing attribute query.
On Sep 25, 2007, at 7:09 AM, Rod Widdowson wrote:
Will,
I tried this, but it I'm not sure it's full implemented. When I get back to the IdP with the attribute request the opaque ID is just pulled from the <NameIdentifier> in the <AttributeQuery> into the request context as the principalName (where it then provides no help as the key for my LDAP search).
I'm guessing that your first instinct was right and there is more plumbing needed?
Rod
----- Original Message ----- From: "Will Norris"
<>
To:
<>
Sent: Tuesday, September 25, 2007 6:46 AM
Subject: Re: beta idp nameidentifier
err uh, just kidding. Turns out they just hadn't been wired in yet. try updating and add an AttributeDefinition of type "TransientId".
On Sep 24, 2007, at 10:32 PM, Will Norris wrote:
opaque IDs are not part of the beta just yet.
On Sep 24, 2007, at 3:57 PM, Jim Fox wrote:
I'm getting a nameidentifier of just my userid, e.g. "fox".
How can I get the more opaque one, e.g. "ZODIBEM...TLDWY36QTA3RS"?
Jim
- beta idp nameidentifier, Jim Fox, 09/24/2007
- Re: beta idp nameidentifier, Will Norris, 09/25/2007
- Re: beta idp nameidentifier, Will Norris, 09/25/2007
- Re: beta idp nameidentifier, Rod Widdowson, 09/25/2007
- Re: beta idp nameidentifier, Will Norris, 09/26/2007
- Re: beta idp nameidentifier, Will Norris, 09/26/2007
- Re: beta idp nameidentifier, Will Norris, 09/26/2007
- Re: beta idp nameidentifier, Rod Widdowson, 09/25/2007
- Re: beta idp nameidentifier, Will Norris, 09/25/2007
- Re: beta idp nameidentifier, Will Norris, 09/25/2007
Archive powered by MHonArc 2.6.16.