From 542fc728b93efcd27c191bbfb436ee36ceb7f0c2 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Fri, 8 Oct 2010 09:01:27 +0000
Subject: [PATCH] Make it clearer what to do in order to use the uri attribute
NameFormat.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2569 44740490-163a-0410-bde0-09ae8108e29a
---
docs/simplesamlphp-idp.txt | 13 +++++++++++++
metadata-templates/saml20-idp-hosted.php | 10 ++++++++++
2 files changed, 23 insertions(+)
diff --git a/docs/simplesamlphp-idp.txt b/docs/simplesamlphp-idp.txt
index 06177a7ee..d82ba8dcc 100644
--- a/docs/simplesamlphp-idp.txt
+++ b/docs/simplesamlphp-idp.txt
@@ -147,6 +147,19 @@ For more information about available options in the idp-hosted metadata
files, see the [IdP hosted reference](simplesamlphp-reference-idp-hosted).
+Using the `uri` NameFormat on attributes
+----------------------------------------
+
+It is generally recommended to use the `urn:oasis:names:tc:SAML:2.0:attrname-format:uri` attribute NameFormat in new installations.
+This can be done by adding the following to the saml20-idp-hosted configuration:
+
+ 'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+ 'authproc' => array(
+ // Convert LDAP names to oids.
+ 100 => array('class' => 'core:AttributeMap', 'name2oid'),
+ ),
+
+
Adding SPs to the IdP
---------------------
diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php
index 57ae0fd5a..a714a7ec2 100644
--- a/metadata-templates/saml20-idp-hosted.php
+++ b/metadata-templates/saml20-idp-hosted.php
@@ -22,4 +22,14 @@ $metadata['__DYNAMIC:1__'] = array(
* 'config/authsources.php'.
*/
'auth' => 'example-userpass',
+
+ /* Uncomment the following to use the uri NameFormat on attributes. */
+ /*
+ 'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+ 'authproc' => array(
+ // Convert LDAP names to oids.
+ 100 => array('class' => 'core:AttributeMap', 'name2oid'),
+ ),
+ */
+
);
--
GitLab