blob: 8530c4f6e9bbcbc473bec7e5f22850737d03050d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
# Properties involving SAML NameIdentifier/NameID generation/consumption
# For the most part these settings only deal with "transient" and "persistent"
# identifiers. See saml-nameid.xml and c14n/subject-c14n.xml for advanced
# settings
# Comment out to disable legacy NameID generation via Attribute Resolver
#idp.nameid.saml2.legacyGenerator = shibboleth.LegacySAML2NameIDGenerator
#idp.nameid.saml1.legacyGenerator = shibboleth.LegacySAML1NameIdentifierGenerator
# Default NameID Formats to use when nothing else is called for.
# Don't change these just to change the Format used for a single SP!
#idp.nameid.saml2.default = urn:oasis:names:tc:SAML:2.0:nameid-format:transient
#idp.nameid.saml1.default = urn:mace:shibboleth:1.0:nameIdentifier
# Set to shibboleth.StoredTransientIdGenerator for server-side transient ID storage
#idp.transientId.generator = shibboleth.CryptoTransientIdGenerator
# Persistent IDs can be computed on the fly with a hash, or managed in a database
# For computed IDs, set a source attribute and a secret salt:
#idp.persistentId.sourceAttribute = changethistosomethingreal
#idp.persistentId.useUnfilteredAttributes = true
# Do *NOT* share the salt with other people, it's like divulging your private key.
#idp.persistentId.algorithm = SHA
#idp.persistentId.salt = changethistosomethingrandom
# To use a database, use shibboleth.StoredPersistentIdGenerator
#idp.persistentId.generator = shibboleth.ComputedPersistentIdGenerator
# For basic use, set this to a JDBC DataSource bean name:
#idp.persistentId.dataSource = PersistentIdDataSource
# For advanced use, set to a bean inherited from shibboleth.JDBCPersistentIdStore
#idp.persistentId.store = MyPersistentIdStore
# Set to an empty property to skip hash-based generation of first stored ID
#idp.persistentId.computed = shibboleth.ComputedPersistentIdGenerator
|
