[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: custom NameID formats

Thanks for considering it to add to your source code as well.

I guess the motivation behind this was from the Shibboleth mailing list.
(This BTW, is not my IdP, but another vendor I'm working with)  Apparently a
persistent ID was supposed to be used for a unique and abstracted identifier
that would not change for an account.  If you have a login name that could
potentially change even though the account is the same, people are saying
that you're supposed to choose a different format that represents that data

I'm not sure if I agree with all of that... that's just the word around the
campfire.  ;-)


On Wed, Feb 9, 2011 at 5:00 PM, <sampo@xxxxxxxxx> wrote:

> Cal Heldenbrand <cal@xxxxxxxxxxx> said:
> > Hi everyone (and Sampo),
> >
> > I'm working on integrating my zxid SP with an IdP that decided to use a
> > custom NameID format other than the usual persistent / transient URN
> names.
> >
> > Currently I'm seeing that the *fn* variable in the IdP configuration
> screen
> > is hard coded with only "prstnt" or "trnsnt".  Is there any way to change
> > this, or is the NameID format hard coded in the lower level API?
> Thank you for your patch thet technically addresses the issue.
> Can you describe the concerns that caused your constituency to
> choose nonstandard nameid-format?
> Als, what features do you need to see to support nonstandard formats?
> Cheers,
> --Sampo
> > Thanks,
> >
> > --Cal