getting to grips with saml2 attributes
Fri, Nov 5, 2010
When I built the SAML2  Web Browser SSO Profile into the Guanxi IdP and SP, I based the attribute release from the IdP on a specific profile. The X.500/LDAP Attribute Profile which looks like this:
The word on the streets is the former is the one to use, even though it’s just bloatware. I mean, why have so much crammed in there when all you want is the name and value of the attribute? Why not just use the basic attribute profile? Turns out some SPs do use the basic attribute profile so I’m now adding support for this to the Guanxi IdP and SP.
 SAML2 Specifications
 SAML2 X.500/LDAP Attribute Profile [PDF]
 SAML2 Basic Attribute Profile [PDF]