folks,
can someone shed any light on this? To take an example, going through
Athens, Myilibrary decides what eBooks a user can see based on their
institution's org_id. This means it's very difficult (if not impossible)
to vary what eBooks users within that institution see when they login to
My Athens. AFAIK the org_id is inferred from the IdP's entityId so to
create subsets of eBooks collections one would have to configure one's IdP
to answer to many entityIds and have multiple presences in the WAYF. Not
ideal and suppliers are not keen to support this.
Will the federation make it easier to create subcollections of resources
from one SP? e.g. will a supplier such as Myilibrary work with SAML
attributes and can an IdP arrange for different bags of eBooks to be
associated with different values of that attribute?
There's been a lot of talk of granular access to resources using
Shibboleth but AFAICS it's all on the IdP side. An IdP can be as granular
as you like but will SPs be this granular too?
thanks,
Alistair
--
mov eax,1
mov ebx,0
int 80h
|