docs: Add documentation for NameID in eduPersonTargetedID.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1686 44740490-163a-0410-bde0-09ae8108e29a

docs: Add documentation for NameID in eduPersonTargetedID.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1686 44740490-163a-0410-bde0-09ae8108e29a
8635ad43 · Olav Morken · 0010ce04 · 8635ad43
Commit 8635ad43 authored 15 years ago by Olav Morken
--- a/docs/simplesamlphp-authproc.txt
+++ b/docs/simplesamlphp-authproc.txt
@@ -303,6 +303,39 @@ In example that could mean:
 		23:https://sp.example.org19:andreas@uninett.noq8d76f8ds75f68d7s' )


+#### Internet2 compatible `eduPersontargetedID` ####
+
+Internet2 uses an `<AttributeValue>` element with a `<NameID>` element to represent the `edupersonTargetedID`:
+
+    <saml2:AttributeValue>
+        <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+           NameQualifier="https://idp.example.org/shibboleth"
+           SPNameQualifier="https://sp.example.org/shibboleth"
+           >1234567890</saml2:NameID>
+    </saml2:AttributeValue>
+
+This format is documented in the [MACE-Dir SAML Attribute Profiles](http://middleware.internet2.edu/dir/docs/internet2-mace-dir-saml-attributes-200604.pdf) document.
+
+To make simpleSAMLphp generate this kind of `eduPersonTargetedID`, you need to set the `nameId`-option to TRUE.
+You also need to change the encoding of the `eduPersonTargetedID` attribute to `raw`.
+
+Example:
+
+    $metadata['__DYNAMIC:1__'] = array(
+        'host' => '__DEFAULT__',
+        'auth' => 'example-static',
+
+        'authproc' => array(
+            60 => array(
+                'class' => 'core:TargetedID',
+                'nameId' => TRUE,
+            ),
+        ),
+        'attributeencodings' => array(
+            'eduPersonTargetedID' => 'raw',
+        ),
+    );
+

 ### Adding a group attribute (`core:GenerateGroups`)