Using two dataconnectors for one service provider

Bryan E. Wooten bryan.wooten at utah.edu
Wed Apr 2 09:41:36 EDT 2014


Strange, I was just on a call with Box for our Shib integration 2 weeks ago.

No mention of AD group membership. As a matter of fact they did not want us to release group memberships in the SAML assertion. They also recommended we not use their API for groups either. They said most U's don't use the API.

In your integration do they want direct access to your Active Directory? That sounds like a bad idea.

-Bryan

From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Vignesh, Vanna G.
Sent: Wednesday, April 02, 2014 7:27 AM
To: users at shibboleth.net
Subject: Using two dataconnectors for one service provider

Our Idp uses authldap as the only data connector. One of the SPs (box.com provisioning) requires the user should be in AD security group too. All the mandatory attributes will be from authldap.
The user should not get successful authentication if he is not in that AD group. How can I handle this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140402/8f968cd8/attachment.html 


More information about the users mailing list