Shibboleth Developers

[Peter Williams <>]

I’m arguing ( within Rapattoni) for purchase of a commercial license for Shib, fronting Joomla, from the SHib commercialization arm.

 

The decision is coming down to (i) how well does Shib SP cooperate with ALL the modes of ws-fedp from either an ADFS or ACS asserting party, and (ii) how well does it drive joomla’s sessions and account provisioning flows.

 

 

For example, a WIF-library build federation party ( a ws-fedp bridge, in normal speak) that sprach upstream to Azure’s  ACS bridge (front a variety of IDPs) does not issue tokens exactly as does the classical ws-fedp asserting party. First, the wraps the response in a multipletoken XML element, and second, some of the namespace handling causes slightly different serialization of the embedded XML element to that which ADFS/ACS produce natively.

 

How far have folks gone with Ws-fedp use analysis and interoperability testing?

 

Much of ws-fed and ws-fedp is about “more advanced” use case involving proof tokens, and non-trivial confirmation methods. If I choose (as is my intuition) Shib to front Joomla vs a very simplistic simpleSAML-based joomla plugin, am I really getting what I expect – a “REALLY excellent” interaction with ws-fedp IDP?