Page Comparison

Current File(s): conf/c14n/subject-c14n.xml, conf/c14n/subject-c14n.properties(V4.1+)
Format: Native Spring, Properties (V4.1+)

Overview

...

The subject-c14n.xml file includes the list of descriptors that describe the possible flows available, and some additional configuration. You might need to modify this file to enable the mapping of custom name identifier Formats into usernames, such as email addresses or DNs.

In V4.1+, there There are also a couple of properties for global control over case folding added in subject-c14n.properties.

...

By default, it contains flows for both memory- and crypto-based transient identifier reversal, and non-functional stubs for mapping custom string-based identifiers back into usernames, optionally applying regular expression transforms ( and in V4.1+, case folding). A commented out flow also exists for reversing storage-managed SAML 2 persistent identifiers.

...

This custom mapping flow supports some simple transform capability out of the box. The shibboleth.NameTransforms bean is a list of regular expression and replacement string pairs that can transform the input value into a different username value rather than importing it directly. V4.1 adds There are also a couple of properties that allow case folding, which helps deal with comparison problems if the SP populates the value based on user input.

In the most unusual cases, V4.1 + adds there is support for injecting a custom object of your own creation that implements the NameIDDecoder (SAML 2.0) or NameIdentifierDecoder (SAML 1.1) interfaces to fully customize the decoding process. The bean names shibboleth.SAML2Transform.NameIDDecoder and shibboleth.SAML1Transform.NameIdentifierDecoder are reserved for this purpose.

Reference

...