login page w/ Social IDP options

Peter Schober peter.schober at univie.ac.at
Thu Sep 22 18:03:24 BST 2011

* Liam Hoekenga <liamr at umich.edu> [2011-09-22 18:53]:
> > Just to be sure, you (and/or your boss) did look at
> > https://spaces.internet2.edu/display/socialid/ (and it's many sub
> > pages) and the Internet2 mailing list of the same name?
> Peter -
> I was unaware of that list.  I will investigate.

That wiki page also contains implementation descriptions, some I guess
matching your use case (e.g. protecting the IdP's RemoteUser handler
with an Apache httpd module that presents a choice of
Campus-SSO/Cosign plus "social" IdPs, instead of directly with
People using the mod_cosign in their webserver would continue to be
redirected to the cosign cgi (no SAML or Shibboleth involved), and
people accessing SAML-protected services and chosing your Shib IdP
will be give some kind of discovery service, including your Cosign
instance -- not sure this is what you wanted (I'd need to re-read,
probably several times).
And even if get this set up, problems will only begin there
(Resolving of "social" attributes from the IdP? Representation of
social identifiers to SPs? of attributes to SPs? LoA? etc.)

More information about the users mailing list