The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

NativeSPServiceNameIDMgmt

Owned by Scott Cantor
Last updated: Oct 26, 2010Version comment

The <NameIDMgmt> element is used to enable and configure support for Name Identifier Management protocols within the SP. It is rarely used, but replaces the functions of the <md:ManageNameIDService> handler elements from the older (pre-2.4) configuration.

Instead of defining explicit endpoints with low-level binding information, the <NameIDMgmt> element automates the installation of the appropriate handlers based on the protocols selected for activation.

A basic example supporting SAML 2.0:

<NameIDMgmt>SAML2</NameIDMgmt>

Element Content

The content of the element is a whitespace-delimited list of "protocol" identifiers. The following are built-in to the SP:

  • SAML2
    • SAML 2.0 Name Identifier Management profile (front- and back-channel, IdP-initiated only).
    • For more complete information about the exact protocol behavior, see the NativeSPManageNameIDService topic.

Other protocols can be "integrated" with the service-based configuration mechanism by supplying the relevant information via the <ProtocolProvider> plugin interface.