Redis as Storage Service for SP
Peter Schober
peter.schober at univie.ac.at
Wed May 11 07:33:14 EDT 2016
* Peter Schober <peter.schober at univie.ac.at> [2016-05-11 13:18]:
> you don't enforce shib sessions for the whole web server and leave
> session checking and establishment to ownCloud (that might all be
> the case already) […]
E.g. some owncloud documentation a quick search turned up suggests
this is already the case/possible:
"In many scenarios Shibboleth is not intended to hide the user’s
password from the service provider, but only to implement SSO. If that
is the case it is sufficient to protect the ownCloud base url with
Shibboleth. This will send Web users to the IdP but allow desktop and
mobile clients to continue using username and password, preventing
popups due to an expired Shibboleth session lifetime."
https://doc.owncloud.org/server/9.0/admin_manual/enterprise_user_management/user_auth_shibboleth.html
If an expired Shibboleth session does not disrupt access to the
application obviously only ownCloud's own session can be relevant in
such a configuration -- so there'd also be no need to cluster the SP's
session.
-peter
More information about the users
mailing list