Shibboleth Developers

[Chad La Joie <>]

André Cruz wrote:
> On Wed, 2008-04-16 at 11:31 +0100, Chad La Joie wrote:
> > The IdP has a storage service interface that's pretty close to the SP's 
> > (technically this is in the OpenSAML in both cases).  You can see it 
> > defined in your internal.xml config file in Shib 2.  The clustering for 
> > 2.0 will be done using Terracotta and just replicating the Map at the 
> > heart of that defined storage service.
>
> You say "will". Does this mean there's still something missing for this
> to work or just documentation?

It's just lacking documentation and testing.  All the software should be 
there.

> Also, could you tell us what (little) support the IDP already has for
> SAML logout? Scott said the IDP already stores all the necessary
> information to notify the corrects SPs when a logout occurs. Is this
> true?

I believe Scott is correct but can't say for certain until I actually do 
the SLO implementation.  The IdP, currently, has *no* support for logout 
but should have all the components necessary to implement it.  By this I 
mean there is absolutely no support for handling and acting on incoming 
logout requests.  However all the of the session management code is in 
place and should contain all the information necessary in order to 
answer a logout request.

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
 http://www.switch.ch