OpenSearch/x-pack/test/idp-fixture/idp/shibboleth-idp/conf/saml-nameid.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
                           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
                           
       default-init-method="initialize"
       default-destroy-method="destroy">

    <!-- ========================= SAML NameID Generation ========================= -->

    <!--
    These generator lists handle NameID/Nameidentifier generation going forward. By default,
    transient IDs for both SAML versions are enabled. The commented examples are for persistent IDs
    and generating more one-off formats based on resolved attributes. The suggested approach is to
    control their use via release of the underlying source attribute in the filter policy rather
    than here, but you can set a property on any generator called "activationCondition" to limit
    use in the most generic way.
    
    Most of the relevant configuration settings are controlled using properties; an exception is
    the generation of arbitrary/custom formats based on attribute information, examples of which
    are shown below.
    
    -->
    
    <!-- SAML 2 NameID Generation -->
    <util:list id="shibboleth.SAML2NameIDGenerators">
    
        <ref bean="shibboleth.SAML2TransientGenerator" />
        
        <!-- Uncommenting this bean requires configuration in saml-nameid.properties. -->
        <!--
        <ref bean="shibboleth.SAML2PersistentGenerator" />
        -->

        <!--
        <bean parent="shibboleth.SAML2AttributeSourcedGenerator"
            p:omitQualifiers="true"
            p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
            p:attributeSourceIds="#{ {'mail'} }" />
        -->
                
    </util:list>

    <!-- SAML 1 NameIdentifier Generation -->
    <util:list id="shibboleth.SAML1NameIdentifierGenerators">

        <ref bean="shibboleth.SAML1TransientGenerator" />

        <!--
        <bean parent="shibboleth.SAML1AttributeSourcedGenerator"
            p:omitQualifiers="true"
            p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
            p:attributeSourceIds="#{ {'mail'} }" />
        -->
                
    </util:list>
    
</beans>