Attributes released by two IdPs
Cantor, Scott
cantor.2 at osu.edu
Tue Sep 6 19:16:49 BST 2011
On 9/6/11 1:55 PM, "Stefano Zanmarchi" <zanmarchi at gmail.com> wrote:
>Hi,
>I'd like to know if it's somehow possible for a SP to retrieve a set
>of attributes from
>two IdPs, just one performing the auth but each releasing a subset of
>attributes.
>And, if the scenario is possible, would one IdP contact the other on
>the back channel,
>or rather redirect the browser to its front channel?
If you want the IdP to do aggregation, then you need a custom data
connector in the IdP. If you want the SP to do it, then you need a common
identifier and a linking strategy, and you can configure the plugin
described in the wiki under SP Attribute Resolvers. If you want to do
something in the front channel, you would have to do it yourself or extend
the SP.
-- Scott
More information about the users
mailing list