Shibboleth ID concepts

Manuel Haim haim at
Wed Aug 8 06:04:54 EDT 2012

Thanks Scott,

things look much clearer to me now.

For local apps, we tend to use deprovisioning scripts based on the
username, but in a federated environment this is no option, thus we will
try to establish some all-time-unique non-complex identifiers...

And there were so many caveats about the eduPersonTargetedID within the
Shibboleth wiki and example config that I really hesitated to use it at
all (it sounded like a relict of old days, so thanks for clarifying it

As for the links you posted, I didn't know there was so much going on in
behind. I will enjoy having a close look at them later.


More information about the users mailing list