shibboleth-dev - Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF
Subject: Shibboleth Developers
List archive
- From: Franck Borel <>
- To:
- Subject: Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF
- Date: Tue, 23 Sep 2008 09:12:50 +0200
Hi Lukas,
Am 19.09.2008 um 16:29 schrieb Lukas Haemmerle:
@Frank:
what happens, if a service-provider ist member of more then one
federation? Would it work too?
Yes, as you can see in the example of kelimutu.switch.ch this is already
supported. In such a case, the embedded WAYF first sets a cookie to
remember that setting and then sends the user to
/Shibboleth.sso/Login?entityId=#selectedEntityIDOfRemote federation#
So, from there on the SP itself handles the rest.
What I meant is that providers like ebsco uses a different aproach to what you show in your example:
If you want to log in with shibboleth in Ebsco (https://shibboleth.ebscohost.com/ ) you must first select your
federation. After then ebsco builds a list of IdPs, while reload the entire site.
Would this been able to be accomplish with your solution?
-- Franck
@Josh:
The IdP is hanging for me...
No idea why it was not working for you. I just tried and it worked as
expected :) Try selecting the 2. entry from top (should be the default
one anyway).
@Peter:
Well, I don't like JavaScript but according to Embedded-DS.txt it
would allow for both customization of IdPs listed as well as
customization of the look and feel, so for sites already dependent on
JS I guess this would be Good News.
Yes, that was the goal. Of course, if a user has Javascript disabled all
of this won't work. However, you still could insert - as in the example
- a noscript fallback to at least tell the user to turn on javascript or
maybe present a link that sends the user to
/Shibboleth.sso/DS?target=#URL where the user shall land on#
In the end, there are so many web applications today requiring
Javascript that it is almost infeasible to turn it off completely. Even
Shib relies to some extent on Javascript for sending the assertions via
browser post. Turning off Javascript for Shib will force users to
manually submit the form that posts the assertions, which probably will
be so annoying in the end that they will turn Javascript on again :)
Lukas
--
SWITCH
Serving Swiss Universities
--------------------------
Lukas Haemmerle, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 64, fax +41 44 268 15 68
,
http://www.switch.ch
- Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Franck Borel, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Franck Borel, 09/23/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Peter Schober, 09/23/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Franck Borel, 09/23/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/24/2008
- RE: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Scott Cantor, 09/24/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/24/2008
- RE: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Scott Cantor, 09/24/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/25/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/24/2008
- RE: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Scott Cantor, 09/24/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Peter Schober, 09/23/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Franck Borel, 09/23/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Lukas Haemmerle, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Franck Borel, 09/19/2008
- RE: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Josh Howlett, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Peter Schober, 09/19/2008
- Re: [Shib-Dev] Central WAYF + Distributed WAYF - Disadvantages = Embedded WAYF, Rod Widdowson, 09/23/2008
Archive powered by MHonArc 2.6.16.