 |
 |
On 24 Feb 2010, at 11:12, Peter Schober wrote: > At least the Shibboleth SP accepts several forms of these and by > default populates the same local attribute from those. Likewise, > simpleSAMLphp allows to map different attribute names to the same > attribute. > Can't speak for other SAML SP implemenations (e.g. OpenAthens), > though. OpenAthens SP will accept either scoped (via SAML 1) or persistent nameID (via SAML 2) identifiers. It also provides a data-emitter to produce values in the same '!' delimited notation as Shibboleth, which produce values identical for attributes transported via either SAML version (assuming the identifier value passed by the IdP is the same). This has been supported for some time, so the vast majority of deployments in the UKAMF will 'technically' support it. Of course, this does not necessarily imply that SPs genuinely use identifiers in this format. David