author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2016-02-11 14:47:01 +0100 |
---|---|---|
committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2016-02-11 14:47:01 +0100 |
commit | 773bf9570bd6122e754bb7a67a44e4e21e34e682 (patch) | |
tree | bbf0a822fa365223c7fbc2aeeb69927c20c14cfc /src/saml2/ident.py | |
parent | 454ef61d7cc07ee99406c1e81f359bbddd99d3ea (diff) | |
download | pysaml2-773bf9570bd6122e754bb7a67a44e4e21e34e682.tar.gz |
Persistent ID should not be equal to userid !
According to the spec: Persistent name identifiers
generated by identity providers MUST be constructed using pseudo-random values that have no discernible correspondence with the subject's actual identifier (for example, username)
Diffstat (limited to 'src/saml2/ident.py')
-rw-r--r-- | src/saml2/ident.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/saml2/ident.py b/src/saml2/ident.py
index 7b1667af..db8365bc 100644
--- a/src/saml2/ident.py
+++ b/src/saml2/ident.py
@@ -163,8 +163,8 @@ class IdentDB(object):
 _id = "%s@%s" % (_id, self.domain)
- if nformat == NAMEID_FORMAT_PERSISTENT:
- _id = userid
+ # if nformat == NAMEID_FORMAT_PERSISTENT:
+ # _id = userid
 nameid = NameID(format=nformat, sp_name_qualifier=sp_name_qualifier, name_qualifier=name_qualifier, text=_id) |
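Review bot: The two `+` lines keep the old persistent-ID branch as commented-out code, so the file still shows `_id = userid` as if it were a switchable option; delete both lines and, if a marker is wanted, leave one comment such as `# Persistent NameIDs must not reveal userid; keep the generated _id.`. With the override gone, a persistent NameID carries whatever `_id` was computed earlier in this method, which lies outside the hunk, so it is worth confirming that the value is pseudo-random, stable for the same user and SP across calls, and not derivable from `userid`. Service providers that already stored the userid-valued NameID will presumably receive a different identifier after this change, which deserves a migration note. The enclosing method starts and ends outside the hunk.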