Shibboleth Developers

[Digant C Kasundra <>]

My question would be where does that URL appear
(http://www.jstore.com/shibentry.html?userhome=UC%20Berkeley).  If
that's a link somewhere, why not just use the URL that bypasses WAYF
altogether?  That could also be bookmarked (most browsers let you
right-click a link and bookmark it).

-- DK

On Wed, 2004-06-30 at 13:17, David L. Wasley wrote:
> <flame_target asbestos="on">
> 
> We've always said the answer to the WAYF is not a security issue 
> since a false answer simply results in failure to gain access.  So 
> why not let the user give "advice" to the WAYF?
> 
> This might work in the following way.  When the user first goes to a 
> new resource, the SHIRE (new term?) could look for a parameter of the 
> form userhome=<origin_name> - i.e.
>     www.jstore.com/shibentry.html?userhome=UC%20Berkeley
> 
> This parameter would be passed on to the WAYF and displayed as the 
> "default" origin, er, Credential Provider for the user.  I'd guess 
> that in 90+% of the cases the user would simply hit RETURN.
> 
> If this was supported, then users could "bookmark" the URL (and 
> optionally add or even edit the userhome parameter) and then life 
> would be good.  They could have bookmarked URLs with different 
> userhomes for the various origins that know them, etc.
> 
> Just a thought.
> 
> </flame_target>
> 
>       David