Shibboleth Developers

[Scott Cantor <>]

Tom Scavo wrote:
> I guess I'm trying to avoid having to rewrite the GridShib profiles
> from scratch.  Our attribute exchange profile is a straightforward
> extension of the Shibboleth Attribute Exchange profile, but it seems
> our metadata profile will have to be written from scratch, on top of
> the SAML 1.x Metadata profile.  I guess that's okay.  I wasn't
> thinking along those lines until now.  Your wording in the Shib spec
> has brought this point home.

I think I would expect most SAML profiles to end up with a pretty 
specific metadata profile suited to that situation, because metadata is 
so important to the interoperability of implementations once they're in 
the hands of actual users. If the metadata schema itself works, profiles 
should compose effectively with each other.

I think when it's just developers testing their code at conferences, you 
can get the wire profile by itself to work with enough knob twisting, 
which is basically what my experience was. But when there was a 
consistent metadata profile between the peers, as I had with with 
Trustgenix and HP, it was much easier.

Luckily, writing a metadata profile isn't terribly complex.

-- Scott