Dynamic Configuration of IdP
Cantor, Scott
cantor.2 at osu.edu
Tue Oct 1 01:16:30 EDT 2013
On 9/30/13 11:16 PM, "M" <mlsaghir at yahoo.com> wrote:
>We would much prefer to get the metadata from a third party. Are you
>referring to something like InCommon?
Yes.
> Some of our clients use InCommon, but many do not. So even if we used
>a third party federation, wouldn't we need a way to handle the clients
>who don't use a federation?
Ultimately nobody but you can assess the business processes required. The
average customer will be happy to exchange email with you and call it a
day, and just let it break when they change something.
But you shouldn't have to do anything special for members of federations
that make metadata available.
Your questions here ultimately are not technical. You can see from the
documentation what's technically possible or not. The issue is how you get
the metadata, when you get it, what you do to verify it, and what you do
to handle changes to it. Those are all essentially process questions.
-- Scott
More information about the users
mailing list