I'm running a SP that uses shibboleth as an optional additional login
method for registered users. Users link their existing accounts by going
through a shib protected page so all I need to do is capture any
persistent identifier, a pseudonymous one will do fine including
eduPersonTargetedID/urn:oid:1.3.6.1.4.1.5923.1.1.1.10
so I have REMOTE_USER="eppn persistent-id targeted-id"
Last week a shib patch came through (server is running SuSE)
and this stopped working
I've managed to get it working again by uncommenting
<Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="persistent-id">
<AttributeDecoder xsi:type="NameIDAttributeDecoder"
formatter="$NameQualifier!$SPNameQualifier!$Name" defaultQualifiers="true"/>
</Attribute>
in the attribute-map.xml file but the comments in the file seem to
suggest that this value is deprecated.
Can somebody explain what the story is here please? Is it still ok
to use this attribute and is my "fix" the right way to get things working.
Thanks in advance
Stephen
--
======================================================================
|epcc| Dr Stephen P Booth Principal Architect |epcc|
|epcc| [log in to unmask] Phone 0131 650 5746 |epcc|
======================================================================
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
########################################################################
To unsubscribe from the JISC-SHIBBOLETH list, click the following link:
https://www.jiscmail.ac.uk/cgi-bin/webadmin?SUBED1=JISC-SHIBBOLETH&A=1
|