CVS Commit: FAC dist/service/shib-idp/etc/shib-idp/conf by jhutz
Jeffrey Hutzelman
jhutz+ at minbar.fac.cs.cmu.edu
Wed Mar 11 17:14:00 EDT 2015
Update of /afs/cs.cmu.edu/project/fac-cvs/dist/service/shib-idp/etc/shib-idp/conf
In directory minbar.fac.cs.cmu.edu:/afs/cs.cmu.edu/project/fac-master/dist/service/shib-idp/etc/shib-idp/conf
Modified Files:
attribute-filter.xml attribute-resolver.xml
Log Message:
shib-idp: princ-as-email release policy
Add an attribute release policy "princ-as-email", which releases the
Kerberos principal name as a nameID with the emailAddress format.
Additionally, both the new princ-as-email policy and the new princ
policy now deny release of transient IDs, in order to insure selection
of the correct attribute for use as the subject identifier.
More information about the Fac-source-change-log
mailing list