Shibboleth Developers

[Steven Carmody <>]

On 4/4/11 2:32 PM, Chad La Joie wrote:
> I'm not aware of anyone having offered anything up this time and trying
> to get the consortium off the ground has pretty much been all-consuming
> for the Shib team so we didn't really think about asking anyone with the
> exception that I asked Nicole to given an update on the consortium.

I think it would be useful to have some discussion at the WG session 
about what the consent mechanism in IDP v3 should display; this would be 
a followup to the discussion from the recent developers meeting. What 
are the issues and tradeoffs, in trying to improve usability and 
"understandability" of the consent screens?

I've also asked a couple of sites to make SHORT presentations on 
interesting work that they're doing:

-- Wisconsin -- present the use cases related to the IDP extensions 
they've contracted for, related to adding basic access control to the 
v2.x IDP. This would only be useful with SPs that aren't capable of 
access control (eg Google, WebEX, etc). I believe that Scott refers to 
these as "badly behaved SPs".

-- UFL -- describe how they manage a campus Shib deploy that includes 
300+ in-sourced and out-sourced SPs. This is obviously a very large 
deploy, and it should be interesting to hear what it takes to manage 
this environment, the approaches they've adopted, and the issues they've 
encountered.

-- Wisconsin -- describe how they're using the Shib delegation support 
in one of their portals, allowing the portal to login to backend 
services as "the user" using delegated SAML credentials.

In addition, people may be interested that the both InCommon track 
sessions (technical and policy) will include a demo and discussion of 
metadata-driven user consent to attribute release; this will showcase 
the uApprove extension developed by the SWITCH Federation.