Shibboleth Developers

[Tom Scavo <>]

On 8/10/05, Nate Klingenstein 
<>
 wrote:
> 
> My next question: if I want to properly extend this to generate a
> bilateral set of metadata from a single form ...

I don't think this is doable or even desirable.  I believe IdP and SP
metadata should be generated separately.

> Is there anything else I need to ask about?

I was saving these 'til later, but since you ask...

- Locations depend on build property idp.webapp.name, which is configurable.
- Multiple ContactPerson elements
- KeyAuthority
- Multiple certs
- Signing
- Option to choose desired descriptors (e.g., suppress IDPSSODescriptor)
- Alternate NameIDFormats (like X509SubjectName)

Actually, if you can do the first one or two of those items, GridShib
will work on the rest (and contribute the result back to Shibboleth).

Thanks,
Tom