shibboleth-dev - Re: Sub: Can I send decisions from RM to the Portal ??
Subject: Shibboleth Developers
List archive
- From: "Tom Scavo" <>
- To:
- Cc: "GridShib Users" <>
- Subject: Re: Sub: Can I send decisions from RM to the Portal ??
- Date: Fri, 1 Dec 2006 08:35:43 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=l6TlqqC6PcgMoy4OKK+8TPW2MuQgye1y2jlP3wBMeJ3gxDId29/vTHQ0g6uTqhvfdqkZNqSecCxCyxsSaeJFXzyWUQjk6/YCK13mxl6tF6Wj6LX1sVu0W9dtZJXrozL0sieq8+hMOrwMgp9tgOBIUvpvLshb6yq5ZTS+bBi26wU=
[copying
again]
On 12/1/06, Venkata Krishna Ravula
<>
wrote:
... The
Portal is the resource. It asks Shibboleth to authenticate a user. We assume
here Shibboleth is already configured and hence the authentication takes
place. ( Need not bother about this because it is all a matter of placing
correct config files. right ?? )
Well, deploying a Shibboleth SP is somewhat more work than that, but
basically, yes, that's right.
The result for this authentication is
"automatically" forwarded to the Portal. We can then make use of X.509
certificates and communicate with GT. Now here, the Portal authenticates to
the GT and the GT simply provides a service.
Did I get it right ?
Yes. (By elevating the problem to a sufficiently high level, it is
more easily "solved". As always, however, the "devil is in the
details". :)
When I install Shibboleth, is there an inbuilt API or does it mean we need
to design it ?
I don't know what you mean by that. Shibboleth is an implementation
of the SAML V1.1 browser profiles. It extends the SAML profiles to
support SP-initiated flows, but other than that, it's just SAML (plus
a few other innovations :)
Also I would appreciate if you could let me know details about the person
whom I need to contact for the CAS methodlogy.
You can read about CAS at the Globus site:
http://www.globus.org/toolkit/docs/4.0/
Note the link to CAS under "Security".
By the way, CAS is under heavy development at the moment, so you may
want to subscribe to the cas-user mailing list.
I understand this is a Shibboleth group. Yet I would like to ask one simple
question regarding the Globus Toolkit.
How can I make a Portal talk to Globus ? My search has been in vain so far.
I would appreciate if you could throw some light upon it. Do I need My Proxy
for this communication to occur or could I simple use the toolkit like JAVA
COG as the glue between the Portla and the Globus ??
You're right, this is shibboleth-dev so I'll refrain from going into
this here. Would you mind reasking this question on the gridshib-user
mailing list? You'll get an earful over there :-)
Cheers,
Tom
- Re: Sub: Can I send decisions from RM to the Portal ??, Venkata Krishna Ravula, 12/01/2006
- Re: Sub: Can I send decisions from RM to the Portal ??, Tom Scavo, 12/01/2006
Archive powered by MHonArc 2.6.16.