Shibboleth Developer's Meeting, 2019-08-16
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 06-Sep. Any reason to deviate from this?
60 to 90 minute call window.
This week's call will use the Zoom system at GU, see ZoomGU for see ZoomGU for access info.
AGENDA
- SWITCH will attend (Etienne, Lukas and Res), to present the use cases behind the structured (jumbo) attribute. Key messages:
- Today we have (only) 2 SPs (registration services) that would require this information. They are currently being built.
- Both are needing this information for the provisioning towards a couple of further services (like e.g. Adobe Creative Cloud etc.)
- These 2 registration service SPs are user-centric on their own authentication side, while they have to pick a role of the person on the provisioning side, for each of those further services.
- We could do without a proper attribute filter step. The registration service SPs would just require everything.
- Still, packing all of this onto the IdP might bee too much. We have therefore a plan B which looks like this:
- Send all affiliation related information (UniqueID, Mail, ScopedAffiliation, ...) in separate flat multivalued attributes to the registration service SPs (and get the consent of the user)
- Let the registration service SP call the SCIM API ( https://www.switch.ch/edu-id/organisations/tech/scim-api/ ) for each of those obtained ScopedAffiliation values, and get the proper set of attributes for that specific affiliation .
- With this, the registration service SP can then build up an own user database, and use that one for further provisioning towards the services behind.
- We don't expect a quick solution.
- carried forwardJira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1181 - PS
- Update on some SameSite cookie attribute testing.Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1476 - Splitting workload on SAML proxying
Attendees:
Brent
- FinishedJira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-188
- Circling back to work-in-progressJira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-272
- a few final details to sort out, do "real" testing with IdPJira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1461
...