Versions Compared

Old Version 6

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 7

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleProperties

Properties related to "sub" claim generation in oidc.properties are:

Name

Default

Description

idp.oidc.subject.sourceAttribute


Source of data to use to compute pairwise (and/or public) value

idp.oidc.subject.algorithm

SHA

Digest algorithm used to compute pairwise (and/or public) value

idp.oidc.subject.salt


Salt to inject for randomness, should generally be moved into credentials/secrets.properties to avoid committing to configuration repository

Expand
titleBeans

Beans related to "sub" claim generation are:

Name

Type

Description

shibboleth.oidc.Conditions.PublicRequired

Predicate<ProfileRequestContext>

An activation condition that evaluates to true if and only if the client registers for a public "sub" claim and the request involves the authorization endpoint

shibboleth.oidc.Conditions.PairwiseRequired

Predicate<ProfileRequestContext>

An activation condition that evaluates to true if and only if the client registers for a pairwise "sub" claim and the request involves the authorization endpoint

shibboleth.oidc.Conditions.SubjectRequired

Predicate<ProfileRequestContext>

An activation condition that evaluates to true if and only if the request involves the authorization endpoint (the type is determined internally based on the client's registration)