From 360b6583e7d691c3d8ffd4044cd52decff435c6d Mon Sep 17 00:00:00 2001 From: Daniele Albrizio Date: Tue, 26 Nov 2024 17:34:52 +0100 Subject: [PATCH] Update HOWTO-Install-and-Configure-a-Shibboleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md Please verify my words. I noticed this behavior but I might be wrong in assumption --- ...oleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/idem-fedops/HOWTO-Shibboleth/Identity Provider/Debian-Ubuntu/HOWTO-Install-and-Configure-a-Shibboleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md b/idem-fedops/HOWTO-Shibboleth/Identity Provider/Debian-Ubuntu/HOWTO-Install-and-Configure-a-Shibboleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md index 823dc69b..9e9d66a3 100644 --- a/idem-fedops/HOWTO-Shibboleth/Identity Provider/Debian-Ubuntu/HOWTO-Install-and-Configure-a-Shibboleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md +++ b/idem-fedops/HOWTO-Shibboleth/Identity Provider/Debian-Ubuntu/HOWTO-Install-and-Configure-a-Shibboleth-IdP-v5.x-on-Debian-Ubuntu-Linux-with-Apache-+-Jetty.md @@ -1392,7 +1392,7 @@ By default, a transient NameID will always be released to the Service Provider i The *sourceAttribute* MUST be an attribute, or a list of comma-separated attributes, that uniquely identify the subject of the generated `persistent-id`. - The *sourceAttribute* MUST be a **Stable**, **Permanent** and **Not-reassignable** directory attribute. + The *sourceAttribute* MUST be a **SAML attribute** populated using a **Stable**, **Permanent** and **Not-reassignable** directory attribute, not a directory attribute itself unless you create a SAML attribute with the same name. ``` xml+jinja # ... other things ...#