Skip to Content.
Sympa Menu

shibboleth-dev - Re: Shibboleth 1.3 ARP Rule Constraint patch

Subject: Shibboleth Developers

List archive

Re: Shibboleth 1.3 ARP Rule Constraint patch


Chronological Thread 
  • From: Will Norris <>
  • To:
  • Subject: Re: Shibboleth 1.3 ARP Rule Constraint patch
  • Date: Tue, 25 Apr 2006 15:19:36 -0400

I've posted an update to the code to include a problem Walter helped identify after the Shib working group yesterday.

I updated ArpEngine.listPossibleReleaseAttributes() to also include those attributes necessary to compute constraints, even if they aren't actually going to be released. I also renamed the function to better identify what it is doing.



On Apr 19, 2006, at 6:57 PM, Brendan Bellina wrote:

USC has completed development and testing of a patch for Shibboleth 1.3 that allows ARP's to be constrained by user attributes. The intent is to allow Identity Providers to constrain the unneeded or undesired release of attributes to service providers. A white paper describing what we have named "Rule Constraints" and the patch code is available at the website <http://isd.usc.edu/ ~bbellina/gds/software/shibboleth/>. Will Norris, who authored the patch, will be attending the Shib WG session at the upcoming I2 Member Meeting and will be available to answer any questions. We hope that this will prove to be a useful offering to the Shibboleth community and welcome any feedback.

Attachment: smime.p7s
Description: S/MIME cryptographic signature




Archive powered by MHonArc 2.6.16.

Top of Page