From: Discussion list for Shibboleth developments [mailto:[log in to unmask]] On Behalf Of Matthew Slowe
Sent: 23 January 2012 08:27
To: [log in to unmask]
Subject: Re: Use of SimpleSAMLphp
On 23/01/2012 08:16, "Andy Swiffin" <[log in to unmask]> wrote:
Just looking around... we're thinking of replacing our commercial local IdP application with SimpleSAMLphp (because it's simpl, works, doesn't have a ?massive dependancy list and we like it) and I was taking that thought to its logical conclusion where we consolidate and also replace our Shibboleth IdP (which is currently "protected" by our local IdP) too...
I would have a word with Ian Young before going to far down the path.
I'm not quite sure why you would want to get rid of a Shibboleth IdP if you have one already. (Unless it's a 1.3 one). Shib 2 seems very well behaved to me, doesn't require much (if any) care and feeding and most importantly is what the majority of the rest of the people are using - safety in numbers! For something which is so core to your organisational business I would have thought you'd want to be as bespoke as little as possible.
It was the older SAML1 type stuff I was worried about -- but I have no idea how much of a problem that would actually be in the real world any more... is there a simple way to tell how many assertions went out by the "old" way?
Anything which goes via the wayf will still be SAML1. Just look in your shib logs its all there.
The University of Dundee is a registered Scottish Charity, No: SC015096