From 8635ad434560012c379617cef0f89ffc7c4041c2 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 17 Aug 2009 12:26:22 +0000
Subject: [PATCH] docs: Add documentation for NameID in eduPersonTargetedID.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1686 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-authproc.txt | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/docs/simplesamlphp-authproc.txt b/docs/simplesamlphp-authproc.txt
index 878747012..a2468d032 100644
--- a/docs/simplesamlphp-authproc.txt
+++ b/docs/simplesamlphp-authproc.txt
@@ -303,6 +303,39 @@ In example that could mean:
 		23:https://sp.example.org19:andreas@uninett.noq8d76f8ds75f68d7s' )
 
 
+#### Internet2 compatible `eduPersontargetedID` ####
+
+Internet2 uses an `<AttributeValue>` element with a `<NameID>` element to represent the `edupersonTargetedID`:
+
+    <saml2:AttributeValue>
+        <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+           NameQualifier="https://idp.example.org/shibboleth"
+           SPNameQualifier="https://sp.example.org/shibboleth"
+           >1234567890</saml2:NameID>
+    </saml2:AttributeValue>
+
+This format is documented in the [MACE-Dir SAML Attribute Profiles](http://middleware.internet2.edu/dir/docs/internet2-mace-dir-saml-attributes-200604.pdf) document.
+
+To make simpleSAMLphp generate this kind of `eduPersonTargetedID`, you need to set the `nameId`-option to TRUE.
+You also need to change the encoding of the `eduPersonTargetedID` attribute to `raw`.
+
+Example:
+
+    $metadata['__DYNAMIC:1__'] = array(
+        'host' => '__DEFAULT__',
+        'auth' => 'example-static',
+
+        'authproc' => array(
+            60 => array(
+                'class' => 'core:TargetedID',
+                'nameId' => TRUE,
+            ),
+        ),
+        'attributeencodings' => array(
+            'eduPersonTargetedID' => 'raw',
+        ),
+    );
+
 
 ### Adding a group attribute (`core:GenerateGroups`)
 
-- 
GitLab