Attribute Provider
Cantor, Scott
cantor.2 at osu.edu
Wed Jan 2 09:56:35 EST 2013
On 1/2/13 4:53 AM, "Mauro Levra" <mauro.levra at studenti.polito.it> wrote:
>
>I have not found yet a general consensus about what an AP should or
>should not do and, even if some profiles mention them as possible
>entities, I have not found any working implementations. To me, one of
>the key issues is how to handle user authentication on the AP side.
Assuming you mean a SAML AA, Shibboleth has always provided an Attribute
Authority implementation, and I don't know what you mean by the latter. If
there's user authentication involved, it has nothing to do with the
SAML-defined role or profile for attribute queries.
>So, may I ask if some of you could help me clarify the conceptual
>definition of an Attribute Provider in a federated identity scenario?
I don't really deal in conceptual definitions anymore. Just not enough
time to spin my wheels on that. If you want a SAML definition, I can give
you one. You can get a dozen more I'm sure.
>Also, would it be possible to use a modified Shibboleth IdP to implement
>a working AP?
Again, if you mean SAML, it doesn't need to be modified.
-- Scott
More information about the users
mailing list