shibboleth-dev - Re: [Shib-Dev] idp principalconnectors
Subject: Shibboleth Developers
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [Shib-Dev] idp principalconnectors
- Date: Tue, 21 Jul 2009 16:50:37 +0200
- Organization: SWITCH
Yeah, it's a simplification to call the "server side" software an "IdP". It's really the authentication authority (which is the IdP part) *and* an attribute authority. Strictly speaking "just and IdP" gets you SSO. It's essentially a piece of software like CAS or Pubcookie or Co-Sign.
Adam Lantos wrote:
Wouldn't it be a lot easier to just
store/cache all nameid information in the session store and look upNo, as I already said, the user may not have a session.
principal name by nameid-sessionindex? If the session was indexed by
the nameid value, back-channel code could easily look up the correct
session IMHO.
Yeah, okay NOW I get it, this AA thing totally confused me :s
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch
- idp principalconnectors, Adam Lantos, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Chad La Joie, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Adam Lantos, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Chad La Joie, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Adam Lantos, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Chad La Joie, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Adam Lantos, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Chad La Joie, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Adam Lantos, 07/21/2009
- Re: [Shib-Dev] idp principalconnectors, Chad La Joie, 07/21/2009
Archive powered by MHonArc 2.6.16.