From 85aa8bc522cbf665c033faeb5cba011353ffd3c2 Mon Sep 17 00:00:00 2001
From: dlaniel <dlaniel@2a3a78c3-912c-0410-af21-e1fb2d1df599>
Date: Fri, 1 Dec 2006 10:09:37 +0000
Subject: [PATCH] Added the possibility to force NameID encryption with NameID
 format : encrypted

git-svn-id: svn://localhost/lasso-conform/trunk@28 2a3a78c3-912c-0410-af21-e1fb2d1df599
---
 lcs/root.ptl | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lcs/root.ptl b/lcs/root.ptl
index 8598e01..df65ac7 100644
--- a/lcs/root.ptl
+++ b/lcs/root.ptl
@@ -116,7 +116,8 @@ class RootDirectory(Directory):
                 title = _('Name Identifier Format'),
                 options = [('persistent', _('Persistent')),
                     ('transient', _('Transient')),
-                    ('none', _('(none'))])
+                    ('encrypted', _('Encrypted')),
+                    ('none', _('(none)'))])
         # XXX: affiliation
         form.add(SingleSelectWidget, 'consent',
                 title = _('Consent'),
@@ -236,6 +237,8 @@ class RootDirectory(Directory):
             login.request.nameIDPolicy.format = lasso.SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT
         elif nid_format == 'transient':
             login.request.nameIDPolicy.format = lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT
+        elif nid_format == 'encrypted':
+            login.request.nameIDPolicy.format = lasso.SAML2_NAME_IDENTIFIER_FORMAT_ENCRYPTED
         elif nid_format == 'none':
             login.request.nameIDPolicy.format = lasso.SAML2_NAME_IDENTIFIER_FORMAT_NONE