SAML 2 String NameID Attribute Encoder

The SAML 2 string NameID encoder creates SAML 2 <NameID> elements from resolved attributes. The content of the <NameID> element is a string created by invoking the Object.toString() method on the first value of the resolved attribute. This encoder is only used for SAML 2 messages and will be ignored when the IdP is answering other protocol messages.

Define the Encoder

Attribute encoders are defined after any dependencies with an <resolver:AttributeDefinition>. The SAML 2 string NameID encoders starts with the same <resolver:AttributeEncoder> element as all other encoders and has a type of xsi:type="SAML2StringNameID". The <resolver:AttributeEncoder> may also have the following the attributes:

nameFormat - this becomes the Format attribute on the created SAML 2 <NameID> element; defaults to urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
nameQualifier - this becomes the NameQualifier attribute on the created SAML 2 <NameID> element; this attribute is optional

SAML 2 String NameID Encoder, without optional attributes, within a Principal Name Attribute Definition

<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID" />

</resolver:AttributeDefinition>

SAML 1 String NameIdentifier Encoder, with attributes, within a Principal Name Attribute Definition

<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID"
                                                       nameFormat="IDENTIFIER_NAME_FORMAT"
                                                       nameQualifier="IDENTIFIER_NAME_QUALIFIER" />

</resolver:AttributeDefinition>

Deployers that wish to use the same attribute to support the creation of NameIdentifier of multiple name formats may define multiple SAML 2 NameID encoders with differing formats.

Browser not supported