SiNotes-Grid
Thursday, May 04, 2006
SPIE
is the LDAP server dedicately create for SPIE project and maintained by SPIEs?
if yes, how did they populate the LDAP server?
To be authenticate through webAuth is not hard, and if we dont have access to centre LDAP
directory(if we have one), I would like create one myself for testing purpose.
Then no point to use the idP from SPIE, create my own will be more flexiable.
Q: When users are redirected to SSO handle for authencation, a handle will be generated and sent to SP within SAML assertion.Then SP daemon use this handle as a temporary reference to
query the attributes from AA handler of idP. The questions is, the SSO authZ is performed through Kerberos database, while attributes are stored in LDAP directory, how can the handler map them together so that we can find the desired attr from right person?
if yes, how did they populate the LDAP server?
To be authenticate through webAuth is not hard, and if we dont have access to centre LDAP
directory(if we have one), I would like create one myself for testing purpose.
Then no point to use the idP from SPIE, create my own will be more flexiable.
Q: When users are redirected to SSO handle for authencation, a handle will be generated and sent to SP within SAML assertion.Then SP daemon use this handle as a temporary reference to
query the attributes from AA handler of idP. The questions is, the SSO authZ is performed through Kerberos database, while attributes are stored in LDAP directory, how can the handler map them together so that we can find the desired attr from right person?
posted by Synew # 6:36 PM 
Archives
