proxy-authentication to SP

Dave Perry Dave.Perry at hull-college.ac.uk
Thu May 7 08:24:18 EDT 2015 

I see. Is it auditable in house, or an off the shelf system that you would have to liaise with a 3rd party to reassure any security concerns with?


_________________________________________________
Dave Perry
eLearning Technologist, Hull College Group

Room L34 - Queens Gardens Library
Wilberforce Drive, Queen's Gardens, Hull, HU1 3DG
Extension 2230 / Direct Dial 01482 381930

* Need a fast reply? Try elearning at hull-college.ac.uk *


-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Ulf Seltmann
Sent: 07 May 2015 12:54
To: Shib Users
Subject: Re: proxy-authentication to SP

I do run the SPs, but i do not audit the application that runs on that SPs

Am Donnerstag, den 07.05.2015, 10:42 +0000 schrieb Dave Perry:
> Remind me, do you run these SPs?
> 
> Dave
> 
> _________________________________________________
> Dave Perry
> eLearning Technologist, Hull College Group
> 
> Room L34 - Queens Gardens Library
> Wilberforce Drive, Queen's Gardens, Hull, HU1 3DG Extension 2230 / 
> Direct Dial 01482 381930
> 
> * Need a fast reply? Try elearning at hull-college.ac.uk *
> 
> -----Original Message-----
> From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Ulf 
> Seltmann
> Sent: 07 May 2015 11:35
> To: Shib Users
> Subject: Re: proxy-authentication to SP
> 
> Hello Perry,
> 
> i trust the IdP, but i do not trust the SP. For that i wanted the "bar SP" to talk to the IdP as well to verify that the asking user is authenticated.
> 
> Giving "foo SP" a definite access to "bar SP" is defective by design. if it becomes compromised one only need a user's id to access the user's data on "bar SP".
> 
> **********************************************************************
> This message is sent in confidence for the addressee only. It may  
> contain confidential or sensitive information.  The contents are not 
> to be disclosed to anyone other than the addressee.  Unauthorised 
> recipients are requested to preserve this confidentiality and to 
> advise us of any errors in transmission.  Any views expressed in this 
> message are solely the views of the individual and do not represent 
> the views of the College.  Nothing in this message should be construed 
> as creating a contract.
> 
> Hull College owns the email infrastructure, including the contents.
> 
> Hull College is committed to sustainability, please reflect before printing this email.
> **********************************************************************
> 
> TEXT

--
Ulf Seltmann
Webmaster
Universitätsbibliothek Leipzig
Beethovenstrasse 6
04107 Leipzig

fon: +49 (0)341 97 30 51 0
mail: seltmann at ub.uni-leipzig.de



**********************************************************************
This message is sent in confidence for the addressee
only. It may  contain confidential or sensitive
information.  The contents are not to be disclosed
to anyone other than the addressee.  Unauthorised
recipients are requested to preserve this
confidentiality and to advise us of any errors in
transmission.  Any views expressed in this message
are solely the views of the individual and do not
represent the views of the College.  Nothing in this
message should be construed as creating a contract.

Hull College owns the email infrastructure, including the contents.

Hull College is committed to sustainability, please reflect before printing this email.
**********************************************************************

TEXT

More information about the users mailing list