Shibboleth Developers

[Etan Weintraub <>]

As soon as the appropriate place to suggest it is there, I will. ;)

-Etan E. Weintraub
Team Leader - Enterprise Authentication
Senior Systems Engineer - Enterprise Directory
IT@Johns
 Hopkins Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail: 



-----Original Message-----
From: Chad La Joie 
[mailto:]
 
Sent: Wednesday, June 09, 2010 1:35 PM
To: 

Subject: Re: [Shib-Dev] [IdPv3] Consent Engine Work

Yeah, from what I can tell that seems to be the rarity.  My experience 
has been that in half the places I work the same people who run the IdP 
run the LDAP and in the other half its not the same folks.

All of that said, I wouldn't be opposed to some one suggesting an LDAP 
persistence plugin (for consent, targeted IDs, and whatever else) once 
3.0.0 is out the door.

On 6/9/10 1:25 PM, Etan Weintraub wrote:
> I guess I'm one of the lucky ones then, as I manage both the IdP and the 
> LDAP servers....
>
> -Etan E. Weintraub
> Team Leader - Enterprise Authentication
> Senior Systems Engineer - Enterprise Directory
> IT@Johns
>  Hopkins Johns Hopkins at Mt. Washington
> 5801 Smith Ave.
> Suite 3110B
> Baltimore, MD 21209
> Phone: 410-735-7945
> E-mail: 
> 
>
> -----Original Message-----
> From: Chad La Joie 
> [mailto:]
> Sent: Wednesday, June 09, 2010 1:22 PM
> To: 
> 
> Subject: Re: [Shib-Dev] [IdPv3] Consent Engine Work
>
> You'll be able to write any persistence plugin you want, but I've always
> be very reticent to provide plugins that would persist to LDAP because
> people seems to have a lot more issues with extending their LDAP schemas
> than with setting up a new DB table.
>
> On 6/9/10 12:52 PM, Etan Weintraub wrote:
>> Or will it be possible to use the same user store (i.e. LDAP) to store 
>> this information?
>>
>> -Etan E. Weintraub
>> Team Leader - Enterprise Authentication
>> Senior Systems Engineer - Enterprise Directory
>> IT@Johns
>>  Hopkins Johns Hopkins at Mt. Washington
>> 5801 Smith Ave.
>> Suite 3110B
>> Baltimore, MD 21209
>> Phone: 410-735-7945
>> E-mail: 
>> 
>>
>>
>> -----Original Message-----
>> From: Scott Cantor 
>> [mailto:]
>> Sent: Wednesday, June 09, 2010 12:45 PM
>> To: 
>> 
>> Subject: RE: [Shib-Dev] [IdPv3] Consent Engine Work
>>
>>> Features I am considering but not yet committed:
>>>
>>> - A uApprove DB ->   IdP consent engine migration script.  It's possible
>>> that the consent engine may track enough new/differing data that this
>>> wouldn't possible.  I won't know for a while.
>>
>> Is the consent from the user tracked in a database or in the client
>> (cookies)?
>>
>> I'm really asking, will this be deployable without a database?
>>
>> -- Scott
>>
>>
>>
>

-- 
Chad La Joie
http://itumi.biz
trusted identities, delivered