Skip to Content.
Sympa Menu

shibboleth-dev - Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO"

Subject: Shibboleth Developers

List archive

Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO"


Chronological Thread 
  • From: "Spencer W. Thomas" <>
  • To:
  • Subject: Re: wrt user entry of a pointer to their IDP ..or.. "invisible SSO"
  • Date: Thu, 27 Sep 2007 15:08:23 -0400
  • Organization: JSTOR

Josh Howlett wrote:
> I have been told by colleagues in the schools sector that some
> categories of user, such as young children, simply aren't capable of
> selecting 'their' IdP. Whether the selection UI is located at the SP or
> some other WAYF (or indeed as a piece of browser chrome) is moot.
>
Right. So for them, you provide a portal. The portal has a link to a
session initiator at the service provider. The session initiator tells
the SP which IdP to use, so no WAYF ever need be involved.

Example:

https://www.jstor.org/start-session?providerId=urn:mace:incommon:osu.edu

Will send you straight to Ohio State's login screen. Once you've
authenticated, you come back and are looking at JSTOR's search form.
> Even for adult users, the answer to the question "which IdP are you
> affiliated with" is not always obvious; for example, there are cases
> concerning multiple affiliations and the correct answer depends on the
> user knowing which IdP has the relevant relationship with the SP for the
> resource in question.
I can see that could be a problem. We display only those IdPs
associated with institutions that are (a) participating in JSTOR and (b)
have told us they are ready to use Shibboleth with JSTOR (and (c) tested
such access.) In that case, the user need only find (at least) one of
their IdPs in our list.
> It gets worse when we ask the question "which
> federation is your IdP affiliated with" because the user has no concept
> of federation.
>
Right, which is why our WAYF (https://www.jstor.org/wayf/WAYF) organizes
IdPs geographically. We can do that because we're displaying only those
institutions with which we have negotiated Shibboleth (or Athens)
access, and we have recorded in our database "the" country for each
institution.

--
------------------------------------------------------------------------
Spencer Thomas
Operations Supervisor, JSTOR


<mailto:>
+1-734-998-9104

JSTOR is a not-for-profit organization helping the scholarly community
take advantage of advances in technology. Our initial effort -- building
trusted digital archives for scholarship -- provides for the long-term
preservation and access of leading academic journals and scholarly
literature from around the world. Our work is supported by libraries,
scholarly societies, publishers, and foundations.

------------------------------------------------------------------------



Archive powered by MHonArc 2.6.16.

Top of Page