When I use the latest version of the SAML module from the app store I run into the following issue.
When configuring the principal to match anything other than username, logging in fails with a NPE.
This makes sense when looking at the code in SessionManager.java on line 341.
IUser newuser = Core.getUser(mxContext, principalValue);
SAMLSessionInfo samlSessionInfo = new SAMLSessionInfo(mxSAMLAssertion, entityId, config, newuser);This tries to retrieve a user where their username is equal to the principalValue, which of course won't work (or even worse, retrieve the wrong user) when using anything other than username in your sso config.
I am mostly creating this post so it might show up in Google when people run into the same problem. If someone in a position to fix this would read this that would be even better :).