 |
 |
On 23/01/2012 08:16, "Andy Swiffin" <[log in to unmask]> wrote: >If I remember right what Ian Young said at the TAG last week, attribute >push in SAML1 is not supported in the UK Federation. > >The question begs to be asked: why do you want to use simplesamlphp for >an IdP? I could understand someone using the SP where they have a php >application and they want to federate it without using the shib SP in >Apache, but the IdP? Just looking around... we're thinking of replacing our commercial local IdP application with SimpleSAMLphp (because it's simpl, works, doesn't have a massive dependancy list and we like it) and I was taking that thought to its logical conclusion where we consolidate and also replace our Shibboleth IdP (which is currently "protected" by our local IdP) too... It was the older SAML1 type stuff I was worried about -- but I have no idea how much of a problem that would actually be in the real world any more... is there a simple way to tell how many assertions went out by the "old" way? Ta, Matthew >Andy > > >-----Original Message----- >From: Discussion list for Shibboleth developments >[mailto:[log in to unmask]] On Behalf Of Peter Schober >Sent: 22 January 2012 17:26 >To: [log in to unmask] >Subject: Re: Use of SimpleSAMLphp > >* Matthew Slowe <[log in to unmask]> [2012-01-22 17:44]: >> Just a quick one (haha, they all day that) -- are there many people >> using SimpleSAMLphp as an IDP on the UK Federation? If so, are there >> any issues (I dunno... compatiblity with sone SPs)? > >You could easily identify those by their ACS URLs in the federation >metadata, e.g. by grep'ing for 'idp/SSOService.php'. >Currently there seem to be 4 in use, 2 of which have '-dev' in their host >names. 2 out of ~700 IdP entities is not "many people", IMHO. > >As for compatiblity: If you need attribute queries for anything, well, >SimpleSAMLphp does not support those (so you'd need to push all >attributes over the browser, for noth SAML1.x and SAML2). >-peter > > >The University of Dundee is a registered Scottish Charity, No: SC015096 > -- Matthew Slowe <[log in to unmask]> | Tel: +44 (0)1227 824265 Server Infrastructure Team, IS | Fax: +44 (0)1227 824078 University of Kent, Canterbury, Kent | Web: http://www.kent.ac.uk/