shibboleth-dev - RE: [Shib-Dev] Shib WG Topics
Subject: Shibboleth Developers
List archive
- From: "Cantor, Scott E." <>
- To: "" <>
- Subject: RE: [Shib-Dev] Shib WG Topics
- Date: Thu, 7 Apr 2011 13:57:51 +0000
- Accept-language: en-US
> Another (better?) approach is to define *two*
> <md:AttributeConsumingService> elements in SP metadata, and then let
> the SP try them in turn. If the first one fails (because the IdP can
> not or will not supply a required attribute), then the SP simply tries
> again.
I don't think looping back to the IdP is a viable strategy. It certainly
won't fly if you end up prompting the user both times, which is pretty much
what it would lead to.
I explored a number of ways to use multiple descriptors to solve problems and
none of them were solving anything. Its purpose was specifically to support
different attribute sets within a single SP. A simple example is a gateway
protecting a dozen apps with different requirements. It works fine for that
(assuming SAML 2).
-- Scott
- Re: [Shib-Dev] Shib WG Topics, (continued)
- Re: [Shib-Dev] Shib WG Topics, Leif Johansson, 04/07/2011
- RE: [Shib-Dev] Shib WG Topics, Cantor, Scott E., 04/07/2011
- Re: [Shib-Dev] Shib WG Topics, Chad La Joie, 04/06/2011
- Re: [Shib-Dev] Shib WG Topics, Cantor, Scott E., 04/06/2011
- Re: [Shib-Dev] Shib WG Topics, Steven Carmody, 04/06/2011
- Re: [Shib-Dev] Shib WG Topics, Cantor, Scott E., 04/06/2011
- Re: [Shib-Dev] Shib WG Topics, Kristof Bajnok, 04/07/2011
- Re: [Shib-Dev] Shib WG Topics, Peter Schober, 04/07/2011
- Re: [Shib-Dev] Shib WG Topics, Tom Scavo, 04/07/2011
- RE: [Shib-Dev] Shib WG Topics, Cantor, Scott E., 04/07/2011
- RE: [Shib-Dev] Shib WG Topics, Cantor, Scott E., 04/07/2011
- Re: [Shib-Dev] Shib WG Topics, Steven Carmody, 04/06/2011
- Re: [Shib-Dev] Shib WG Topics, Tom Scavo, 04/04/2011
- Re: [Shib-Dev] Shib WG Topics, Tom Scavo, 04/04/2011
- Re: [Shib-Dev] Shib WG Topics, Fredrik Thulin, 04/04/2011
- Re: [Shib-Dev] Shib WG Topics, Nate Klingenstein, 04/04/2011
Archive powered by MHonArc 2.6.16.