shibboleth-dev - [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions
- Date: Fri, 9 Jul 2010 12:15:00 -0400
- Organization: The Ohio State University
> using shibboleth IdP 2.1.5 with uApprove 2.1.3 plug-in has a disadvantage:
> If an user don't want to release all attributes, he is constrained to
> abort the authentication process.
> But in some cases no attributes are needed, only the authentication
itself.
I'm not sure how uApprove recognizes the NameID itself as an attribute, but
lacking some kind of non-transient ID, that doesn't make much sense to me.
Authentication without some attribute is meaningless.
But if there's a distinction to be made between one set of attributes or
possibly "no attributes but a NameID of some kind", that's the sort of thing
the multiple service level idea was intended to capture.
-- Scott
- [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Scott Cantor, 07/09/2010
- Re: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Peter Schober, 07/09/2010
- RE: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Scott Cantor, 07/10/2010
- Re: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Petra Berg, 07/15/2010
- RE: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Scott Cantor, 07/15/2010
- Re: [Shib-Dev] RE: [Shib-Users] Shibboleth IdP + uApprove + extensions, Peter Schober, 07/09/2010
Archive powered by MHonArc 2.6.16.