Skip to Content.
Sympa Menu

grouper-dev - Re: [grouper-dev] Draft Minutes: Grouper Call 24-Jun-09

Subject: Grouper Developers Forum

List archive

Re: [grouper-dev] Draft Minutes: Grouper Call 24-Jun-09

Chronological Thread 
  • From: Shilen Patel <>
  • To: Emily Eisbruch <>
  • Cc: Grouper Dev <>
  • Subject: Re: [grouper-dev] Draft Minutes: Grouper Call 24-Jun-09
  • Date: Sun, 5 Jul 2009 11:43:20 -0400


I started a wiki page on this.


-- Shilen

On Jun 29, 2009, at 8:54 AM, Emily Eisbruch wrote:

**Exposing Groups Through Shibboleth**

Chris said that at CAMP it seemed few campuses were exposing groups thru Shibboleth, due to concern about security issues inherent in sharing group information.  However, Duke has integrated Group and Shib in a secure way. Penn is also trying to do this securely, so it’s possible to provide certain group info to certain service providers. 

TomB commented that the issue of how to protect sensitive group info applies to interfacing Grouper with LDAP as well as with Shib. We don’t want to pass around all of a person’s group memberships, the way Windows does.

Jim said that University of Washington converts group info into entitlements, so that group details are not exposed.

[AI]  (Shilen) and (Jim) will create a wiki page on handling entitlements to minimize publishing of group information.

Archive powered by MHonArc 2.6.16.

Top of Page