[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: namedID
From: Hong Ye <hy93 () cornell ! edu>
Date: 2014-05-24 2:19:33
Message-ID: 5D0256D4-0F7B-495D-99B0-EFB29FC6836E () cornell ! edu
[Download RAW message or body]
Nate,
Now I got it. Thanks you very much for your help. Have a great weekend!
Hong
On May 23, 2014, at 9:41 PM, Nate Klingenstein \
<ndk@internet2.edu<mailto:ndk@internet2.edu>> wrote:
Hong,
Then how to find out the name that my SP is receiving?
You could just ask the IdP what they're sending, or you could find it in the logs, as \
you've done.
In the test environment, I let my test Idp release webexID to my SP. Here is the \
nameID in saml2 assertion. I didn't see there is a name here.
<saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" \
NameQualifier="https://shibidp-test.cit.cornell.edu/idp/shibboleth" \
SPNameQualifier="https://shibsp-test.idm.cit.cornell.edu/shibsp">hy93</saml2:NameID>
The Format is the name of the NameID and the rest of it may be combined into a value \
however you need. The structure of a NameID doesn't match that of an Attribute, but \
the SP is trying to abstract all of that for the application and deployer, so the \
name doesn't match.
If I define NameID mapping correctly in attribute-map.xml, will this nameID be \
displayed in my SP's shibboleth.sso Session page along with other attributes?
Yes, it should be.
Thanks,
Nate.
--
To unsubscribe from this list send an email to \
users-unsubscribe@shibboleth.net<mailto:users-unsubscribe@shibboleth.net>
[Attachment #3 (text/html)]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "> <div>Nate,</div>
<div><br>
</div>
Now I got it. Thanks you very much for your help. Have a great weekend!
<div><br>
</div>
<div>Hong<br>
<div><br>
</div>
<div>
<div>
<div>On May 23, 2014, at 9:41 PM, Nate Klingenstein <<a \
href="mailto:ndk@internet2.edu">ndk@internet2.edu</a>></div> \
<div> wrote:</div> <br class="Apple-interchange-newline">
<blockquote type="cite">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "> Hong,
<div><br>
<div>
<div>
<blockquote type="cite">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "> <div>Then how to find out the name that my SP is \
receiving?</div> </div>
</blockquote>
<div><br>
</div>
<div>You could just ask the IdP what they're sending, or you could find it in the \
logs, as you've done.</div> <br>
<blockquote type="cite">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "> <div>In the test environment, I let my test Idp release webexID \
to my SP. Here is the nameID in saml2 assertion. I didn't see there is a name \
here.</div> <div><br>
</div>
<div><saml2:NameID \
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" \
NameQualifier="<a \
href="https://shibidp-test.cit.cornell.edu/idp/shibboleth">https://shibidp-test.cit.cornell.edu/idp/shibboleth</a>" \
SPNameQualifier="<a \
href="https://shibsp-test.idm.cit.cornell.edu/shibsp">https://shibsp-test.idm.cit.cornell.edu/shibsp</a>">hy93</saml2:NameID></div>
</div>
</blockquote>
<div><br>
</div>
<div>The Format is the name of the NameID and the rest of it may be combined into a \
value however you need. The structure of a NameID doesn't match that of an \
Attribute, but the SP is trying to abstract all of that for the application and \
deployer, so the name doesn't match.</div>
<br>
<blockquote type="cite">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space; "> <div>If I define NameID mapping correctly in attribute-map.xml, \
will this nameID be displayed in my SP's shibboleth.sso Session page along with other \
attributes?</div> </div>
</blockquote>
<div><br>
</div>
<div>Yes, it should be.</div>
</div>
<br>
</div>
</div>
<div>Thanks,</div>
<div>Nate.</div>
</div>
--<br>
To unsubscribe from this list send an email to <a \
href="mailto:users-unsubscribe@shibboleth.net"> \
users-unsubscribe@shibboleth.net</a></blockquote> </div>
<br>
</div>
</div>
</body>
</html>
--
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
--===============2224971151567745527==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic