...
The saml-nameid.xml configuration file defines two list beans, each one an ordered list of "generator" plugins for the two different SAML versions. Each plugin is specific to an identifier Format, a SAML constant that identifies the kind of value being expressed. The generation process involves selecting a list of Formats to try and generate (see Format Selection below), and then trying each Format until an appropriate value is obtained by running each configured generator in order.
...
In the case of SAML 2, a plugin is present, but commented out, to generate "persistent" identifiers. Certain properties in saml-nameid.properties must be set in order to safely uncomment this plugin (discussed below).
The default configuration also demonstrates how to generate a custom identifier using an arbitrary Format based on an attribute from the attribute resolution process. This plugin also has the capability of selecting the first value present from a list of possible source attributes.
| Tip |
|---|
In summary:
If you're getting unexpected results, approach the debugging from the perspective of the algorithm: identify which Formats should be getting tried (as indicated by the log), and examine each generator in order to see if it would be expected to produce a given Format. |
...
| Expand | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Properties defined in saml-nameid.properties to customize various aspects of default identifier generation behavior:
|
...