LassoSamlp2NameIDPolicy

LassoSamlp2NameIDPolicy — <samlp2:NameIDPolicy>

Description

Figure 83. Schema fragment for samlp2:NameIDPolicy


<complexType name="NameIDPolicyType">
  <attribute name="Format" type="anyURI" use="optional"/>
  <attribute name="SPNameQualifier" type="string" use="optional"/>
  <attribute name="AllowCreate" type="boolean" use="optional"/>
</complexType>

Functions

lasso_samlp2_name_id_policy_new ()

LassoNode *
lasso_samlp2_name_id_policy_new (void);

Creates a new LassoSamlp2NameIDPolicy object.

Returns

a newly created LassoSamlp2NameIDPolicy object

Types and Values

struct LassoSamlp2NameIDPolicy

struct LassoSamlp2NameIDPolicy {
	LassoNode parent;

	/* attributes */
	char *Format;
	char *SPNameQualifier;
	gboolean AllowCreate;
};

The NameIDPolicy element is part of an AuthnRequest and lets the service provider give the identity provider a hint about the NameID it wishes to receive.

Members

LassoNode parent;

   

char *Format;

the name-identifier format, see LASSO_SAML2_NAME_IDENTIFIER_FORMAT_EMAIL, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_X509, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_WINDOWS, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENTITY, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT, LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT or LASSO_SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED.

 

char *SPNameQualifier;

another providerID to use as SPNameQualifier in the returned assertion. By default an IdP creates a NameID for the requesting entity; this field makes it possible to obtain a NameID qualified for a third party.

 

gboolean AllowCreate;

authorizes the identity provider to create a new federation; otherwise it must report a failure if no existing federation is found (status code of LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST and error code of LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND).
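
The following added example (not Lasso code) shows how an identity provider could act on SPNameQualifier and AllowCreate as described above. The struct is a stand-in for LassoSamlp2NameIDPolicy; evaluate_policy, the Decision values, the sample tables and the rule that a third-party SPNameQualifier must be pre-authorized for the requester are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the three documented attributes (no LassoNode parent, int for
   gboolean) so this compiles without the Lasso headers. */
typedef struct {
    const char *Format;          /* carried along, not evaluated here */
    const char *SPNameQualifier; /* NULL when the attribute is absent */
    int AllowCreate;
} NameIDPolicy;

typedef enum { USE_EXISTING, CREATE_FEDERATION,
               FAIL_NO_FEDERATION, FAIL_QUALIFIER_DENIED } Decision;

/* Constructed sample data: existing federations as (user, qualifier) pairs and
   the third-party qualifiers each requester may ask for (hypothetical policy). */
static const char *FEDERATIONS[][2] = { {"alice", "https://sp1.example/metadata"} };
static const char *MAY_QUALIFY[][2] = {
    {"https://sp1.example/metadata", "https://group.example/affiliation"} };

static int has_pair(const char *t[][2], size_t n, const char *a, const char *b) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(t[i][0], a) == 0 && strcmp(t[i][1], b) == 0) return 1;
    return 0;
}

Decision evaluate_policy(const NameIDPolicy *p, const char *requester, const char *user) {
    /* Absent SPNameQualifier: the NameID is created for the requesting entity. */
    const char *q = (p && p->SPNameQualifier) ? p->SPNameQualifier : requester;
    /* A NameID qualified for a third party is issued only if local policy allows it. */
    if (strcmp(q, requester) != 0 &&
        !has_pair(MAY_QUALIFY, sizeof MAY_QUALIFY / sizeof MAY_QUALIFY[0], requester, q))
        return FAIL_QUALIFIER_DENIED;
    if (has_pair(FEDERATIONS, sizeof FEDERATIONS / sizeof FEDERATIONS[0], user, q))
        return USE_EXISTING;
    /* No federation: only AllowCreate permits a new one; otherwise report the
       LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST failure. */
    return (p && p->AllowCreate) ? CREATE_FEDERATION : FAIL_NO_FEDERATION;
}

int main(void) {
    NameIDPolicy p = { "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", NULL, 0 };
    /* bob has no federation with sp1 and AllowCreate is false. */
    printf("decision=%d\n", evaluate_policy(&p, "https://sp1.example/metadata", "bob"));
    return 0;
}
```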