> The term 'Athens-compliant' makes no distinction between
> classic Athens and AthensDA. All Athens-protected services
> are accessible via either method, and the version of the
> Athens agent used by service providers has no bearing on this.
Thanks for the clarification (and reminder), Phil.
> The reasons as to why some resources do not work with the
> gateway were also posted to this list in February 2006, but
> in summary, while there were a few minor issues that affected
> individual service providers, the root cause of each of those
> was that they were using old versions of the Athens agent and
> hadn't upgraded when we originally advised them to. This
> meant that those service providers were/are prefix-checking
> Athens users, rather than replacing this authorisation check
> with one that reads the Athens organisation ID.
I was aware that it was something to do with service providers (and old
versions of the Athens agent) depending on the username-prefix (like
mine of "LSE12345678") to identify a user's home organisation. This
information is not, of course, necessarily contained in the usernames
that would be rendered by an AthensDA-enabled institution. Presumably,
Eduserv has either now persuaded all service providers to upgrade, or
has somehow 'fixed' this in the code of the AthensDA software. Can a
similar fix not be made to the Gateway software?
I'm afraid that I still don't have enough spare time to exhaustively
check the archives of this and other lists, in case there's an existing
answer. I have also not sought out the precise wording of the
specification via which JISC funded Eduserv to develop and operate the
Shibboleth-to-Athens Gateway, but I'm assuming that it's intention was
to make *all* Athens-protected resources accessible to all users at
institutions that decide to join the UK Federation as identity-providers
earlier, rather than later, and to cease creating Athens usernames for
their users.
Please could you confirm what action Eduserv is taking to ensure that
the remaining Athens-protected resources work via the Gateway, and the
likely timetable for this to be achieved?
John
|