32 lines
1.6 KiB
Properties
32 lines
1.6 KiB
Properties
# Properties involving SAML NameIdentifier/NameID generation/consumption
|
|
|
|
# For the most part these settings only deal with "transient" and "persistent"
|
|
# identifiers. See saml-nameid.xml and c14n/subject-c14n.xml for advanced
|
|
# settings
|
|
|
|
# Default NameID Formats to use when nothing else is called for.
|
|
# Don't change these just to change the Format used for a single SP!
|
|
#idp.nameid.saml2.default = urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
#idp.nameid.saml1.default = urn:mace:shibboleth:1.0:nameIdentifier
|
|
|
|
# Set to shibboleth.StoredTransientIdGenerator for server-side transient ID storage
|
|
#idp.transientId.generator = shibboleth.CryptoTransientIdGenerator
|
|
|
|
# Persistent IDs can be computed on the fly with a hash, or managed in a database
|
|
|
|
# For computed IDs, set a source attribute, and a secret salt in secrets.properties
|
|
#idp.persistentId.sourceAttribute = changethistosomethingreal
|
|
#idp.persistentId.useUnfilteredAttributes = true
|
|
#idp.persistentId.algorithm = SHA
|
|
# BASE64 will match V2 values, we recommend BASE32 encoding for new installs.
|
|
idp.persistentId.encoding = BASE32
|
|
|
|
# To use a database, use shibboleth.StoredPersistentIdGenerator
|
|
#idp.persistentId.generator = shibboleth.ComputedPersistentIdGenerator
|
|
# For basic use, set this to a JDBC DataSource bean name:
|
|
#idp.persistentId.dataSource = PersistentIdDataSource
|
|
# Controls which JDBC error codes are treated as retryable
|
|
#idp.persistentId.retryableErrors = 23000,23505
|
|
# Set to an empty property to skip hash-based generation of first stored ID
|
|
#idp.persistentId.computed = shibboleth.ComputedPersistentIdGenerator
|