Questions about returning roles in the Assertion
Yaowen Tu
yaowen.tu at gmail.com
Fri Aug 31 13:55:42 EDT 2012
Thanks for your reply Scott.
Regarding your following answer:
If you're not familiar with it, I'd avoid it, personally. Use a
database if that's what you're comfortable with.
The reason I am not using DB for my testing purpose is that Shib IDP has
OOTB JAAS and DataConnector for LDAP, but for relational DB it only has a
DataConnector. Is my understanding correct?
So I didn't want to spend too much time on implementing a DB JAAS before
experiencing the LDAP stuff.
Also I see that in the DataConnector, we are storing plain text for
"principalCredential" or "jdbcPassword". Is there an option to encrypt this
field?
Thanks,
Yaowen
On Thu, Aug 30, 2012 at 6:56 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 8/30/12 9:47 PM, "David Bantz" <dabantz at alaska.edu> wrote:
> >
> >I trust and hope they are better informed now 8-}
>
> What he really ended up saying was that he didn't think it was a good
> thing to do. Which I don't agree with, but that moved it into the realm of
> the subjective.
>
> >Or do we need to send a delegation to Burton?
>
> Well, you may well encounter them telling people that federations like
> InCommon don't play any role in federating two organizations. They really
> don't understand SAML at all, but in their defense, their only real
> benchmark are the kinds of products that we're well aware are pretty
> broken when it comes to managing federation.
>
> I guess it's clearer to me that they learn a technology by evaluating
> products, not evaluating the potential of a technology itself. Pragmatic,
> and probably unavoidable.
>
> -- Scott
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120831/ef135a59/attachment.html
More information about the users
mailing list