>>> On 02/12/2009 at 16:20, in message
<[log in to unmask]>, Rhys
Smith <[log in to unmask]> wrote:
>
>
> I've switched our IdP from 1.x to 2.x a while ago and haven't hit any
> problems. That being said, if the user is sent via the UK fed WAYF, I
> believe the IdP and SP will end up talking SAML1 even if they're both Shib
> 2.x entities, since the WAYF only supports SAML1 - SAML2 will be an option
> when the new DS code goes live on it (someone (Rod!) correct me if I'm
> wrong on this). So there might still be services out there that haven't
> been "thoroughly" tested with this (where thoroughly = lots of people
> talking SAML2 to that service)...
OK, thanks Rhys for this heads up (and Sara for the confirmation), I'm less worried if everything goes belly up later on and affects many sites, after all, it won't be me they'll be building the gallows for :-)
But its reassuring to hear your migration experience Rhys. In some ways it may actually be better that things are still continuing saml 1 to saml 1, it cuts down the changes in variables.
The plan is to ask for idptest to be made visiable to the wayf for a day next week and to do some live testing with IdPs (albeit with the different entity ID) before hiding it again and swapping it to the live configuration.
I'll post on here as to how we get on with the final switchover.
> Java 1.5 is EOLed as of a few months ago, no more updates unless you're
> paying Sun a huge wedge of cash. So Java 1.6 all the way...
>
OK, Ta, I'll swap over to the latest Java 6 today.
Cheers
Andy
The University of Dundee is a registered Scottish charity, No: SC015096
|