Solved
Forum Discussion
Lucas_Thompson_
Historic F5 Account
Support for NameQualifier and SPNameQualifier is added in BIG-IP APM v13.1. This version will be released very shortly.
Lucas_Thompson_
Dec 06, 2017Historic F5 Account
The Name Qualifier settings are in 4 areas:
- SAML SP Connector: SP Name Qualifier
- SAML SP Service: SP Name-Identifier Qualifier
- IdP Service: Name Qualifier
- IdP Connector: Name Qualifier
These correspond to the following BIG-IP MCP settings:
apm aaa saml-idp-connector
Adds this configuration to apm aaa saml-idp-connector
name-qualifier
Specifies the security or administrative domain of the external
IdP. This value usually matches IdP Entity ID.
apm aaa saml
Adds this configuration to apm aaa saml
name-id-policy-sp-name-qualifier
Optionally specifies that the assertion subject's identifier be
returned in the namespace of an SP other than the requester, or in
the namespace of a SAML affiliation group of SPs. This attribute
can be a session variable.
apm sso saml-sp-connector
Adds this configuration to apm sso saml-sp-connector
sp-name-qualifier
Optionally qualifies an identifier with the name of a service
provider or affiliation of providers.
apm sso saml
Adds this configuration to apm sso saml
name-qualifier
Specifies the security or administrative domain of the IdP (this
BIG-IP system). This value usually matches IdP Entity ID.