Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] eduGAIN and non "academic" IdPs

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] eduGAIN and non "academic" IdPs


Chronological Thread 
  • From: Tom Scavo <trscavo AT internet2.edu>
  • To: Andy Bennett <andyjpb AT knodium.com>
  • Cc: "edugain-discuss AT geant.net" <edugain-discuss AT geant.net>
  • Subject: Re: [eduGAIN-discuss] eduGAIN and non "academic" IdPs
  • Date: Fri, 28 Nov 2014 12:50:50 -0500
  • Authentication-results: prod-mail.geant.net (amavisd-new); dkim=pass header.i= AT gmail.com
  • List-archive: <https://mail.geant.net/mailman/private/edugain-discuss/>
  • List-id: eduGAIN discussion list <edugain-discuss.geant.net>

On Fri, Nov 28, 2014 at 11:05 AM, Andy Bennett <andyjpb AT knodium.com> wrote:
> On 28/11/14 15:57, Mikael Linden wrote:
>> I can't see how R&S helps Jozef to solve his problem.
>
> I think the idea would be to ensure that the authorization can be done
> with the attributes.

I agree that is probably the best way to solve this problem (as I
understand it).

> You could say something like "allow affiliations
> matching 'faculty@*.edu'" if you were guaranteed to get the
> scoped-affiliation attribute.

That attribute is not strictly required from R&S IdPs, which is yet
another reason why R&S is probably not the solution we're looking for.

> This can't be done with metadata alone: even accredited universities
> give visitor and guest accounts out.

Exactly. Which is why this is a user attribute problem, not an entity
attribute problem.

Tom





Archive powered by MHonArc 2.6.19.

Top of Page