...
| Warning |
|---|
This is not a replacement for the actual documentation and you cannot cut and paste your way to a working system. The examples are not usable without taking into consideration your local needs and requirements. |
...
Service Provider Metadata
Workday S-N will produce SAML metadata that's not too horrible via a Generate Metadata button on the Identity Provider setup page (kind of backwards). It's not usually 100% correct or ideal but it's not awful and will at least fill in its entityID and endpoints. One thing about it that's useful is that you know if it's generating blank metadata the plugin isn't happy and won't work most likely, so that's a good warning.
...
Example Shibboleth Configuration
| Tip |
|---|
Refer to the RelyingPartyConfiguration topic and be cognizant that creating overrides for every service is generally an inefficient use of the software. Consider identifying common requirements across services and create overrides tied to multiple services that share those requirements, or that reference profile configuration beans containing common settings. |
...
Example Shibboleth Configuration
| Tip |
|---|
Refer to the NameIDGenerationConfiguration topic for a full treatment of NameID features. |
Continuing with the example above, if you have an attribute definition named "employeeNumber" produced by your AttributeResolverConfiguration, release it to the S-N SP in your AttributeFilterConfiguration (example below).
Finally, to actually produce the necessary <NameID>, modify saml-nameid.xml as shown:
...