Viewing all changes in revision 1680.
- Committer: Ubuntu One Auto Copilot
- Date: 2019-01-28 16:05:12 UTC
- mfrom: (1679.1.1 saml-extra-attribute-substitutions)
- Revision ID: otto-copilot@canonical.com-20190128160512-sjoh7h3bbmolv5rc
Add two new substitutions to be used in SAML attribute values.
"displayname" is normally the users' Full Name in SSO.
"email" is the e-mail address.
These enable reporting richer SAML attributes to SPs who can then create nicer-looking
local identities.
Additionally, the existence of the e-mail attribute/substitution might allow
for full compliance with the SAML 8.3 "persistent" policy, though this would
require additional implementation work.
Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-extra-attribute-substitutions/+merge/362265
"displayname" is normally the users' Full Name in SSO.
"email" is the e-mail address.
These enable reporting richer SAML attributes to SPs who can then create nicer-looking
local identities.
Additionally, the existence of the e-mail attribute/substitution might allow
for full compliance with the SAML 8.3 "persistent" policy, though this would
require additional implementation work.
Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-extra-attribute-substitutions/+merge/362265
expand all
collapse all
added
removed
