On 6/7/07, Jon Warbrick <[log in to unmask]> wrote:
>
> It's slightly odd - there seems to be widespread agreement that storing
> eduPersonTargetedID values in a database is a good idea, but either almost
> no one is doing it or they are but are unwilling to share what they have
> done.
A generally useful database implementation is nontrivial, I suppose.
Moreover, writing ePTID to a database in real time introduces a
serious impediment to "high availability". Cautious admins are wary
that ePTID will blow their IdP deployment out of the water by creating
a single point of failure. From Jim Fox's web page: "Redundant
databases, with automatic replication and failover, are provided."
Without that, your IdP is vulnerable.
Tom
|