Shibboleth Developers

[Peter Williams <>]

if you get an account at myopenid.com you will see a GUI allowing individuals 
to set release policies for their attributes, upon websso. As a site is 
encountered, the user nominates the set of attributes to be released (this 
time, always, never). One can change the policy also, using the management 
console. Try it, using myopenid to act as an IDP to a free pkwiki hosting SP 
service, for example.

I have a demo of a SAML2 SP invoking an IDP (whose authentication mechanism 
is myopenid). Its only configuration to allow any Shib2 SP invoke the same. 
Id be happy to provide the IDP gateway if someone would like to spend an hour 
with me setting up the link...so folks can judge that particular experience 
in practice.

________________________________________
From: Chad La Joie 
[]
Sent: Monday, June 09, 2008 10:45 AM
To: 

Subject: Re: [Shib-Dev] SHIB Status call -- 6/9/2008)  -- 12:00 pm EDT, 9 am 
PDT


The only
projects I've known who have tried this remain undeployed and garnered
user feedback that it was too complicated and confusing.

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
 http://www.switch.ch