...
urn:collab:person:
= fixed prefix.{{urn:mace:terena.org:attribute-def:schacHomeOrganization}}
= value of schacHomeOrganisation schacHomeOrganization attribute of the user; typically the same for all users of one institution and will be something like "institution.nl
".{{urn:mace:dir:attribute-def:uid}}
= value ofuid
attribute of the user. Replace each "@" (at) character in the uid with an "_" (underscore) character.
...
Example: urn:collab:person:some-organisation.example.org:m1234567890
SAML Response
The result of a successful authentication is a SAML Response
. Note that it does not contain an AttributeStatement
and that the Assertion
element is signed and that the Response
element is not signed. Response signing is not currently supported by SURFsecureID, it may be added in future versions.
...
An example code for using SFO with SimpleSAMLphp can be found at: https://github.com/SURFnet/Stepup-SFO-demo