Page tree
Skip to end of metadata
Go to start of metadata

SAML 1 String NameIdentifier Attribute Encoder

The SAML 1 string NameIdentifier encoder creates SAML 1 <NameIdentifier> elements from resolved attributes. The content of the <NameIdentifier> element is a string created by invoking the Object.toString() method on the first value of the resolved attribute. This encoder is only used for SAML 1 messages and will be ignored when the IdP is answering other protocol messages.

Define the Encoder

Attribute encoders are defined after any dependencies with an <resolver:AttributeDefinition>. The SAML 1 string NameIdentifier encoders starts with the same <resolver:AttributeEncoder> element as all other encoders and has a type of xsi:type="SAML1StringNameIdentifier". The <resolver:AttributeEncoder> may also have the following the attributes:

  • nameFormat - this becomes the Format attribute on the created SAML 1 <NameIdentifier> element; defaults to urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified
  • nameQualifier - this becomes the NameQualifier attribute on the created SAML 1 <NameIdentifier> element; this attribute is optional
SAML 1 String NameIdentifier Encoder, without optional attributes, within a Principal Name Attribute Definition
<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier" />

</resolver:AttributeDefinition>
SAML 1 String NameIdentifier Encoder, with attributes, within a Principal Name Attribute Definition
<resolver:AttributeDefinition id="UNIQUE_ID" xsi:type="ad:PrincipalName">

     <resolver:AttributeEncoder xsi:type="enc:SAML1StringNameIdentifier"
                                                       nameFormat="IDENTIFIER_NAME_FORMAT"
                                                       nameQualifier="IDENTIFIER_NAME_QUALIFIER" />

</resolver:AttributeDefinition>

Deployers that wish to use the same attribute to support the creation of NameIdentifier of multiple name formats may define multiple SAML 1 NameIdentifier encoders with differing formats.

  • No labels