Versions Compared

Old Version 2

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version 3

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
titleCrypto Transient ID Attribute Definition
 
<resolver:AttributeDefinition id="UNIQUE_ID" cryptoTransientId" xsi:type="ad:CryptoTransientId"
                              xmlns:ad="urn:mace:shibboleth:2.0:resolver:ad" 
                              dataSealerRef="shibboleth.TransientIDDataSealer" 
                              lifetime="PT3M"> 

    <resolver:AttributeEncoder xsi:type="ad:CryptoTransientId"> 

<!-- Remaining configuration from the next step go here --> 

</resolver:AttributeDefinition> ="encoder:SAML1StringNameIdentifier"
                               xmlns:encoder="urn:mace:shibboleth:2.0:attribute:encoder"
                               nameFormat="urn:mace:shibboleth:1.0:nameIdentifier"/>

    <resolver:AttributeEncoder xsi:type="encoder:SAML2StringNameID"
                               xmlns:encoder="urn:mace:shibboleth:2.0:attribute:encoder"
                               nameFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</resolver:AttributeDefinition>
Note

While this attribute definition can have dependencies, like all other attribute definitions, they are never used. The transient ID comes exclusively from internal IdP state.