Subject: Grouper Developers Forum
List archive
- From: Shilen Patel <>
- To: Emily Eisbruch <>
- Cc: Grouper Dev <>
- Subject: Re: [grouper-dev] Draft Minutes: Grouper Call 24-Jun-09
- Date: Sun, 5 Jul 2009 11:43:20 -0400
Hi,
I started a wiki page on this.
Thanks!
-- Shilen
On Jun 29, 2009, at 8:54 AM, Emily Eisbruch wrote: **Exposing Groups Through Shibboleth**
Chris said that at CAMP it seemed few campuses were exposing groups thru Shibboleth, due to concern about security issues inherent in sharing group information. However, Duke has integrated Group and Shib in a secure way. Penn is also trying to do this securely, so it’s possible to provide certain group info to certain service providers.
TomB commented that the issue of how to protect sensitive group info applies to interfacing Grouper with LDAP as well as with Shib. We don’t want to pass around all of a person’s group memberships, the way Windows does.
Jim said that University of Washington converts group info into entitlements, so that group details are not exposed.
[AI] (Shilen) and (Jim) will create a wiki page on handling entitlements to minimize publishing of group information.
|
- Re: [grouper-dev] Draft Minutes: Grouper Call 24-Jun-09, Shilen Patel, 07/05/2009
Archive powered by MHonArc 2.6.16.
