First, many thanks for creating such a great open source product. I apologize in advance for dumb questions; I’m a SAML newbie.
Our use case: SimpleSAMLphp is the SP, generates the AuthnRequest and sends it to the IdP. Our application is the IdP and consumes the AuthnRequest.
I’m able to get everything working except that we expect to consume some value we put in the <Subject>. Something like this:
<Subject xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<NameID>someName</NameID>
</Subject>
I’ve been searching and trying things all day and I can’t find a way to add this to our AuthnRequest before it gets sent.
I was able to add extensions to the request in a similar way as explained here (https://simplesamlphp.org/docs/stable/saml:sp Section 4.8) so I have access to the SimpleSAML_Auth_Simple object but I don’t see a way to set the nameId there.
I do see the method in the class SAML2_Assertion::addSubject but that’s private. I see that it sets it when the class variable “nameId” is set but that’s private as well. I thought about brute forcing this by making it public and setting it. However, I got stuck getting access to this SAML2_Assertion object. Plus I’m pretty sure this is not the right way to go.
Is there a configuration I can set? Or some other way to achieve this?
Thanks in advance for your help,
Enrique