/
SAML1StringNameIdentifierEncoder

The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.

SAML1StringNameIdentifierEncoder

May 03, 2013

SAML 1 String NameIdentifier Attribute Encoder

The SAML 1 string NameIdentifier encoder creates SAML 1 <NameIdentifier> elements from resolved attributes. The content of the <NameIdentifier> element is a string created by invoking the Object.toString() method on the first value of the resolved attribute. This encoder is only used for SAML 1 messages and will be ignored when the IdP is answering other protocol messages.

Define the Encoder

Attribute encoders are defined after any dependencies with an <resolver:AttributeDefinition>. The SAML 1 string NameIdentifier encoders starts with the same <resolver:AttributeEncoder> element as all other encoders and has a type of xsi:type="SAML1StringNameIdentifier". The <resolver:AttributeEncoder> may also have the following the attributes:

  • nameFormat - this becomes the Format attribute on the created SAML 1 <NameIdentifier> element; defaults to urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified
  • nameQualifier - this becomes the NameQualifier attribute on the created SAML 1 <NameIdentifier> element; this attribute is optional
SAML 1 String NameIdentifier Encoder, without optional attributes, within a Principal Name Attribute Definition
<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier" />

</resolver:AttributeDefinition>
SAML 1 String NameIdentifier Encoder, with attributes, within a Principal Name Attribute Definition
<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier"
                                                       nameFormat="IDENTIFIER_NAME_FORMAT"
                                                       nameQualifier="IDENTIFIER_NAME_QUALIFIER" />

</resolver:AttributeDefinition>

Deployers that wish to use the same attribute to support the creation of NameIdentifier of multiple name formats may define multiple SAML 1 NameIdentifier encoders with differing formats.