Look at your shib logs? Probably the best way. I can tell you the
usage of SAML 1 vs SAML 2 within the federation, but that doesn't really
answer your question.
On 23/01/2012 08:26, Matthew Slowe wrote:
> On 23/01/2012 08:16, "Andy Swiffin"<[log in to unmask]> wrote:
>
>> If I remember right what Ian Young said at the TAG last week, attribute
>> push in SAML1 is not supported in the UK Federation.
>>
>> The question begs to be asked: why do you want to use simplesamlphp for
>> an IdP? I could understand someone using the SP where they have a php
>> application and they want to federate it without using the shib SP in
>> Apache, but the IdP?
> Just looking around... we're thinking of replacing our commercial local
> IdP application with SimpleSAMLphp (because it's simpl, works, doesn't
> have a massive dependancy list and we like it) and I was taking that
> thought to its logical conclusion where we consolidate and also replace
> our Shibboleth IdP (which is currently "protected" by our local IdP) too...
>
> It was the older SAML1 type stuff I was worried about -- but I have no
> idea how much of a problem that would actually be in the real world any
> more... is there a simple way to tell how many assertions went out by the
> "old" way?
>
> Ta,
> Matthew
>
>> Andy
>>
>>
>> -----Original Message-----
>> From: Discussion list for Shibboleth developments
>> [mailto:[log in to unmask]] On Behalf Of Peter Schober
>> Sent: 22 January 2012 17:26
>> To: [log in to unmask]
>> Subject: Re: Use of SimpleSAMLphp
>>
>> * Matthew Slowe<[log in to unmask]> [2012-01-22 17:44]:
>>> Just a quick one (haha, they all day that) -- are there many people
>>> using SimpleSAMLphp as an IDP on the UK Federation? If so, are there
>>> any issues (I dunno... compatiblity with sone SPs)?
>> You could easily identify those by their ACS URLs in the federation
>> metadata, e.g. by grep'ing for 'idp/SSOService.php'.
>> Currently there seem to be 4 in use, 2 of which have '-dev' in their host
>> names. 2 out of ~700 IdP entities is not "many people", IMHO.
>>
>> As for compatiblity: If you need attribute queries for anything, well,
>> SimpleSAMLphp does not support those (so you'd need to push all
>> attributes over the browser, for noth SAML1.x and SAML2).
>> -peter
>>
>>
>> The University of Dundee is a registered Scottish Charity, No: SC015096
>>
>
--
-------------
JISC Advance
Brettenham House
5 Lancaster Place
London WC2E 7EN
phone: 02030066040
skype: harrisnv
twitter: @nicoleharris
|