At 12:56 PM +0000 11/25/08, Alistair Young wrote:
>>could you use isMemberOf ?
>custom attributes are a last resort Steve. Not known whether they'll
>get through the SP. If they get through they're the perfect
>solution. Just trying to see if eduPerson could cope with it as
>they're bound to get through. Not looking good though.
>
I'd call brownAffiliation a custom attribute; we certainly don't send
that off campus.. However, I'd certainly consider isMemberOf to be a
standard higher ed attribute at this point:
http://www.nmi-edit.org/releases/index.cfm#directory (see eduMember
-- not sure why you're limiting yourself to looking at eduPerson))
and
http://middleware.internet2.edu/dir/docs/internet2-mace-dir-ldap-group-membership-200507.html
we certainly include isMemberOf in the attribute-map.xml file that
all of our on campus SPs download and use.
You seem to be looking for an approach that is 1) easy to implement
within the current legacy SP architecture, and 2) have some
likelihood of evolving successfully into the future. The tension
there is obvious.... I usually vote for a little more work in the
short term (efg use a standard attribute; on the SP end map it to
what the legacy application requires), rather than violating a
standard vocabulary (which in my experience usually comes back to
bite you at some point).
|