SOAP SLO handler: what would it be used for?

Cantor, Scott cantor.2 at
Wed Apr 16 19:15:54 EDT 2014

On 4/16/14, 7:09 PM, "Tom Scavo" <trscavo at> wrote:
>As a brief aside, we will have to fix this problem, sooner rather than
>later, since eduGAIN (i.e., interfederation) is breathing down our
>necks. The short-term solution is probably entity attributes. I don't
>know what the preferred long-term solution will be.

There's never going to be a solution that works with V2, unless somebody
else builds one at least.

So the answer is basically for now "don't do this". The ability to tailor
profiles wasn't meant to be used as an authorization control, and the
other crazy RP features like selecting different keys or entityIds were
pretty much bad ideas to start with.

We do support entity attributes in the attribute filtering step, so that's
the intended mechanism, or again, one can use a custom login handler.

-- Scott

More information about the users mailing list