shibboleth-dev - RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO"
Subject: Shibboleth Developers
List archive
- From: "Josh Howlett" <>
- To: <>
- Cc: "Josh Howlett" <>
- Subject: RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO"
- Date: Thu, 20 Sep 2007 20:01:28 +0100
> > I have been told by colleagues in the schools sector that some
> > categories of user, such as young children, simply aren't
> capable of
> > selecting 'their' IdP. Whether the selection UI is located
> at the SP
> > or some other WAYF (or indeed as a piece of browser chrome) is moot.
>
> This is an example of what bothers me....is the message there
> "forget it"?
Emphatically, no. That a discovery UI does not meet one particular
community's claimed requirements in no way invalidates the general
approach; it has clearly been an extremely successful approach. All this
implies, I think, is a requirement for a complementary mechanism.
> Because I don't see how to turn that feedback into a proposal.
I guess we need to look beyond the UI. The DS is, I think, a big step in
that direction.
> > Even for adult users, the answer to the question "which IdP are you
> > affiliated with" is not always obvious; for example, there
> are cases
> > concerning multiple affiliations and the correct answer
> depends on the
> > user knowing which IdP has the relevant relationship with
> the SP for
> > the resource in question.
>
> True, though I have yet to see that materialize in practice,
I think it's difficult to observe actual instances of this occuring in
any non-trivial federated community until someone flags it as an issue.
However, it's inevitable that it will occur in our particular community
and real soon, if it hasn't already.
> but this is, I think, an argument for the process being
> closer to the SP, not farther away.
Sure, this is a sound principle.
josh.
JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxon OX11 0SG
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", (continued)
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/12/2007
- Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Jeff Hodges, 09/12/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/12/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/12/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Scott Cantor, 09/12/2007
- Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Leif Johansson, 09/27/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/19/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/20/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Scott Cantor, 09/20/2007
- Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Spencer W. Thomas, 09/27/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/20/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/27/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/28/2007
- Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Spencer W. Thomas, 09/28/2007
- RE: wrt user entry of a pointer to their IDP ..or.. "invisible SSO", Josh Howlett, 09/12/2007
Archive powered by MHonArc 2.6.16.