Versions Compared

Old Version 17

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 18

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

See the CustomNameIDGenerationConfiguration subtopic for detailed help with this feature.

Reference

Localtabgroup

Localtab-live
activetrue
titleProperties

Properties defined in saml-nameid.properties to customize various aspects of default identifier generation behavior:

Property / Type / DefaultFunction

idp.transientId.generator

Bean ID of a TransientIdGenerationStrategy

shibboleth.CryptoTransientIdGenerator

Identifies the strategy plugin for generating transient IDs

idp.nameid.saml2.default

URI

urn:oasis:names:tc:SAML:2.0:nameid-format:transient

Default Format to generate if nothing else is indicated

idp.nameid.saml1.default

URI

urn:mace:shibboleth:1.0:nameIdentifier                           

Default Format to generate if nothing else is indicated

Localtab-live
titleBeans

Beans defined in saml-nameid.xml and related system configuration discussed above follow:

Bean IDTypeFunction

shibboleth.SAML2NameIDGenerators

List<SAML2NameIDGenerator>

SAML 2 NameID generator plugins to use

shibboleth.SAML1NameIdentifierGenerators

List<SAML1NameIdentifierGenerator>

SAML 1 NameIdentifier generator plugins to use
shibboleth.SAML2TransientGeneratorTransientSAML2NameIDGeneratorPlugins for generating transient identifiers using pluggable strategies
shibboleth.SAML1TransientGeneratorTransientSAML1NameIdentifierGenerator
shibboleth.StoredTransientIdGeneratorTransientIdGenerationStrategyStrategy plugin that generates transient identifiers randomly and stores them in a server-side StorageService
shibboleth.CryptoTransientIdGeneratorTransientIdGenerationStrategyStrategy plugin that generates transient identifiers by encrypting a subject identity into a long opaque string