Skip to Content.
Sympa Menu

shibboleth-dev - Re: [Shib-Dev] Sign/encrypt control

Subject: Shibboleth Developers

List archive

Re: [Shib-Dev] Sign/encrypt control


Chronological Thread 
  • From: Chad La Joie <>
  • To:
  • Subject: Re: [Shib-Dev] Sign/encrypt control
  • Date: Fri, 24 Jun 2011 10:38:10 -0400
  • Organization: Itumi, LLC

Okay, this is what I ended up doing. The pluggable criteria mechanism being used in various other places is now used here and it has access to the full profile request context. So, as we go forward, we'll just need to make sure that whatever data we need lives in there.

On 6/23/11 7:21 PM, Cantor, Scott E. wrote:
On 6/23/11 4:29 PM, "Chad La
Joie"<>
wrote:

Yeah, I'm iterating through a lot of ideas on this right now. So far,
I've considered three possibilities:
- leave it as is
- Double the properties we have today and make one set for
front-channel and the other set for back-channel. However, this means
the IdP will need to directly understand those concept (it doesn't today).
- Have a pluggable strategy.

I definitely favor the last one, even if it's rarely used, it just avoids
arguing over it. Assuming our new profile context objects are sufficiently
easy to use as a generic input to the decision process anyway.

-- Scott



--
Chad La Joie
http://itumi.biz
trusted identities, delivered



Archive powered by MHonArc 2.6.16.

Top of Page