shibboleth-dev - Re: release of authentication assertion
Subject: Shibboleth Developers
List archive
- From: Brendan Bellina <>
- To:
- Subject: Re: release of authentication assertion
- Date: Fri, 22 Sep 2006 15:24:10 -0700
On Sep 22, 2006, at 8:15 AM, Scott Cantor wrote:
We have exactly the same concerns at K.U.Leuven. The artifact protocol
requires an SP to have an entry in the metadata for any statement to
be released, so maybe there can be found an easy solution in that area: if
it's possible to force all/unauthenticated providers to use the artifact
protocol then that issue could be solved easily in a Shib1.3 environment.
The fact that the old WAYF model makes using other protocols impossible
aside, no, there's no way to force it in 1.3 without changing the code, in
which case you just need to implement the trivial change of adding a "don't
allow unknown requests" option for POST.
-- Scott
Scott,
Any reason not to pursue this as a patch for 1.3 (I don't mean _you_ pursue it, I mean anyone pursue it)? If it is trivial as you say and would be useful for multiple sites it sounds worth doing. Or would such a patch be problematic?
Brendan
- release of authentication assertion, Will Norris, 09/21/2006
- RE: release of authentication assertion, Scott Cantor, 09/21/2006
- Re: release of authentication assertion, Walter Hoehn, 09/21/2006
- Re: release of authentication assertion, Thomas Lenggenhager, 09/22/2006
- RE: release of authentication assertion, Scott Cantor, 09/22/2006
- Re: release of authentication assertion, Velpi, 09/22/2006
- RE: release of authentication assertion, Scott Cantor, 09/22/2006
- Re: release of authentication assertion, Brendan Bellina, 09/22/2006
- RE: release of authentication assertion, Scott Cantor, 09/22/2006
- Re: release of authentication assertion, Brendan Bellina, 09/22/2006
- RE: release of authentication assertion, Scott Cantor, 09/22/2006
- RE: release of authentication assertion, Scott Cantor, 09/21/2006
Archive powered by MHonArc 2.6.16.