>
>I think we should probably bring abfab up to speed on this issue.
Sure.
>Also, from a Moonshot standpoint, do we have any plans to implement
>anything heavier-weight than what we do now?
Well, before we can think about implementation we should think about GSS
API methods capable of leveraging the request/response pattern, given an
establish GSS context (e.g., to obtain attributes for a principal that
weren't provided in the initial context set-up; or to obtain an
authorisation decision from a remote PEP after authentication).
(Unfortunately this dropped off my radar when we made the decision to
decouple aaa-saml from GSS).
I am curious what the Microsoft SSPI does, if anything, in this space.
Josh.
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
|