shibboleth-dev - Re: Usage of eduPerson attributes in Shibboleth assertions
Subject: Shibboleth Developers
List archive
- From: Walter Hoehn <>
- To:
- Cc:
- Subject: Re: Usage of eduPerson attributes in Shibboleth assertions
- Date: Tue, 11 May 2004 13:21:22 -0500
Hi Vishal,
I have also used eduPersonPrincipalName and eduPersonTargetedID attributes in production deployments. The former is used in a scenario involving access to a local institutional repository and the latter was used as a persistent identifier in an inter-organizational web portal. In the second case, portal accounts are auto-created whenever a new targeted id is encountered.
-Walter
On May 11, 2004, at 2:45 AM,
wrote:
I'm trying to understand the usage of eduPerson attributes in Shibboleth
assertions for inter-institutional applications. It seems that the
attributes that return DNs (such as eduPersonOrgDN, eduPersonOrgUnitDN,
eduPersonPrimaryOrgUnitDN) are not very likely to be useful in this context,
since the directory server that these DNs correspond to is neither specified
in any of these attributes nor very likely to be exposed for direct access
outside the institution.
In trying to see the usage patterns for attributes being used in various
Shibboleth deployments, the JSTOR and OLCC pilots indicate usage of
eduPersonAffiliation and eduPersonEntitlement. Are there other attributes
from eduPerson, person, inetOrgPerson or organizationalPerson schemas etc.
that are being actively used in applications?
Any thoughts or comments will be appreciated.
-- Vishal
- Usage of eduPerson attributes in Shibboleth assertions, vgoenka, 05/11/2004
- Re: Usage of eduPerson attributes in Shibboleth assertions, Walter Hoehn, 05/11/2004
Archive powered by MHonArc 2.6.16.