Setting NameIdFormat for SAML

Question

I have the following webSsoProfileOptions:

@Bean public WebSSOProfileOptions webSSOProfileOptions() { WebSSOProfileOptions options = new WebSSOProfileOptions(); options.setNameID(NameIDType.TRANSIENT); return options; }

But the MetadataGenerator produces the following name-id-formats:

<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat>

How to change the generator that only <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> is produced?

Answer 1

It must be set to MetadataGenerator.

http://docs.spring.io/spring-security-saml/docs/current/reference/htmlsingle/#configuration-metadata-sp-generation