MCB Use Case Question

David Langenberg davel at uchicago.edu
Wed May 21 11:06:26 EDT 2014


It sorta mimics how the Duo plugin works, but for your case, I think you'll
have to write your own OTP plug-in so that the proper lookup can be
performed (either directly in LDAP or using the attribute-resolver).  The
Duo plug-in just reads the principal as reported to it by the MCB proper
and passes that along to Duo.

Dave



On Wed, May 21, 2014 at 9:01 AM, Mike Wiseman <mike.wiseman at utoronto.ca> wrote:

>  Hi,
>
>
>
> I have a somewhat complex use case for the Multi Context Broker and was
> wondering if anyone has advice on it.
>
>
>
> The relying party requires username/password for all applications and OTP
> for a subset. The username is different from the institutional username so
> a separate idp that works with the RP environment will be deployed. The OTP
> service uses the institutional username only. So the idp/MCB needs to
> handle the RP-related username, look up the institutional username and then
> offer an OTP login to the user. Will MCB keep track of the RP-related
> username? Can the LDAP lookup be done before the OTP login?
>
>
>
> This sounds a bit similar to the Duo plugin, does it not?
>
>
>
> Thanks,
>
>
>
> Mike
>
>
>
> Mike Wiseman
>
> Manager, Information Security
>
> Information Technology Services
>
> University of Toronto
>
>
>
> This email and any attachments contain privileged and / or confidential
> information for internal University of Toronto communication only unless
> otherwise indicated.



-- 
David Langenberg
Identity & Access Management
The University of Chicago