Hello,
I am configuring a test IdP server based on our version 2
configuration, but updating it as much as I can to version 3. The above
attribute though is, to me, a bit confusing.
I see that the UK federation still list ePTID as a core attribute [1].
But it also seems that for IdP version 3 the attribute has been
deprecated [2]. As far as I can tell, in order to resolve the
attribute, and comply with the UK federation recommendations, I have to
keep the current (v2) ePTID attribute configuration.
In particular I note from the reply in [2]:
"...because there has never been a good reason to pass it as an
attribute in SAML 2, only SAML 1. Since all of SAML 1 is sort of
deprecated...
...if there's somebody out there who thinks they need to send it as an
attribute in SAML 2, that's either a point of confusion or an SP with a
bug."
I am just wondering if there is any sort of push being considered via
the UK federation for (listed) SP's to ditch SAML1 and so remove ePTID
as a core attribute?
[1] http://www.ukfederation.org.uk/content/Documents/AttributeUsage
[2] http://shibboleth.net/pipermail/users/2015-April/020996.html
Thanks,
John.
--
John Horne Tel: +44 (0)1752 587287
Plymouth University, UK
|