[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: eduPersonScopedAffiliation not mapping correctly
From: "Cantor, Scott" <cantor.2 () osu ! edu>
Date: 2011-12-19 22:29:57
Message-ID: CB1524A6.1B6D9%cantor.2 () osu ! edu
[Download RAW message or body]
On 12/19/11 5:21 PM, "Scott Klawitter" <sklawitter@ebsco.com> wrote:
>
>I think it is because XML attributes are missing from the Attribute and
>AttributeValue nodes.
Attribute, yes, as I said in my earlier note. NameFormat defaults to
unspecified, which is the wrong value.
>I propose the following changes:
>- Modify saml:Attribute node to include:
> FriendlyName="eduPersonScopedAffiliation"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
FriendlyName doesn't matter.
>- Modify saml:AttributeValue node to remove:
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
>- Modify saml:AttributeValue node to include:
> xmlns:xs="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:type="xs:string"
Those are namespaces and type information, none of which is wrong, but all
of which is optional except for ensuring the element is well formed.
>Will having the Identity Provider changing the format to look like the
>following fix this?
NameFormat alone will.
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic