Page tree

The Shibboleth 2.x software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

Skip to end of metadata
Go to start of metadata

The <NameIDMgmt> element is used to enable and configure support for Name Identifier Management protocols within the SP. It is rarely used, but replaces the functions of the <md:ManageNameIDService> handler elements from the older (pre-2.4) configuration.

Instead of defining explicit endpoints with low-level binding information, the <NameIDMgmt> element automates the installation of the appropriate handlers based on the protocols selected for activation.

A basic example supporting SAML 2.0:

<NameIDMgmt>SAML2</NameIDMgmt>

Element Content

The content of the element is a whitespace-delimited list of "protocol" identifiers. The following are built-in to the SP:

  • SAML2
    • SAML 2.0 Name Identifier Management profile (front- and back-channel, IdP-initiated only).
    • For more complete information about the exact protocol behavior, see the NativeSPManageNameIDService topic.

Other protocols can be "integrated" with the service-based configuration mechanism by supplying the relevant information via the <ProtocolProvider> plugin interface.

  • No labels