SSO with Box
C R
publist.cr at gmail.com
Tue Nov 25 05:39:01 EST 2014
Our approach is to only release the requested attributes (including eppn)
only when the user has a "box" entitlement (eduPersonEntitlement) in our
LDAP backend. If the entitlement is absent or gone, the login will fail.
Regards,
Claudio
2014-10-30 20:29 GMT+01:00 Gary Chapman <gary.chapman at nyu.edu>:
> Hi, we are finalizing a SAML 2.0 integration with Box.com.
>
> We've been told that Box cannot support a common approach we take
> of releasing an eduPersonEntitlement value - the presence of which
> signals the SP to allow the incoming user to use the service, and the
> absence of which signals the SP to disallow access to the incoming user.
>
> Does this sound correct (i.e. no Box support for this approach) to those
> of you who've done SSO integrations with Box?
>
> Thanks - Gary Chapman, NYU
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20141125/af9621d3/attachment.html
More information about the users
mailing list