[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: custom NameID formats



Thanks for considering it to add to your source code as well.

I guess the motivation behind this was from the Shibboleth mailing list.
(This BTW, is not my IdP, but another vendor I'm working with)  Apparently a
persistent ID was supposed to be used for a unique and abstracted identifier
that would not change for an account.  If you have a login name that could
potentially change even though the account is the same, people are saying
that you're supposed to choose a different format that represents that data
type.

I'm not sure if I agree with all of that... that's just the word around the
campfire.  ;-)

--Cal

On Wed, Feb 9, 2011 at 5:00 PM, <sampo@xxxxxxxxx> wrote:

> Cal Heldenbrand <cal@xxxxxxxxxxx> said:
> > Hi everyone (and Sampo),
> >
> > I'm working on integrating my zxid SP with an IdP that decided to use a
> > custom NameID format other than the usual persistent / transient URN
> names.
> >
> > Currently I'm seeing that the *fn* variable in the IdP configuration
> screen
> > is hard coded with only "prstnt" or "trnsnt".  Is there any way to change
> > this, or is the NameID format hard coded in the lower level API?
>
> Thank you for your patch thet technically addresses the issue.
>
> Can you describe the concerns that caused your constituency to
> choose nonstandard nameid-format?
>
> Als, what features do you need to see to support nonstandard formats?
>
> Cheers,
> --Sampo
>
> > Thanks,
> >
> > --Cal