From 424a03e5bd141bfa80220816d6e9bd6be9aa256f Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Mon, 23 Mar 2015 17:25:55 -0400
Subject: [PATCH] Make unspecified the default Name ID format, add to enabled
 list

https://fedorahosted.org/ipsilon/ticket/27

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
---
 ipsilon/providers/saml2idp.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 5d8aa03..8ff512c 100644
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -207,12 +207,13 @@ Provides SAML 2.0 authentication infrastructure. """
                 'default allowed nameids',
                 'Default Allowed NameIDs for Service Providers.',
                 metadata.SAML2_NAMEID_MAP.keys(),
-                ['persistent', 'transient', 'email', 'kerberos', 'x509']),
+                ['unspecified', 'persistent', 'transient', 'email',
+                 'kerberos', 'x509']),
             pconfig.Pick(
                 'default nameid',
                 'Default NameID used by Service Providers.',
                 metadata.SAML2_NAMEID_MAP.keys(),
-                'persistent'),
+                'unspecified'),
             pconfig.String(
                 'default email domain',
                 'Used for users missing the email property.',
-- 
2.20.1