Versions Compared

Old Version 55

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version 56

changes.mady.by.user trscavo@internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

See the Shib wiki for more information about type saml:AttributeInMetadata.

Tip
titleIs your deployment of ePPN reassigned?

If your deployment of eduPersonPrincipalName permits reassignment and you're running Shib IdP 2.4.3 or higher, add the following AttributeRule to the above AttributeFilterPolicy:

Code Block
languagexml
  <afp:AttributeRule attributeID="eduPersonTargetedID">
    <afp:PermitValueRule xsi:type="saml:AttributeInMetadata"
        attributeName="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
  </afp:AttributeRule>

which releases eduPersonTargetedID if eduPersonPrincipalName is listed in SP metadata.

For Shib IdPs prior to 2.4.0

...