Print

Print


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Right - in our case, we would be needing only the barest features, just to 
read a couple of attributes from one IdP and possibly act conditionally on 
them.

On Thu, 26 May 2016, Scott Prater said:

> One thing to keep in mind is that the EZProxy SP implementation is not quite
> as full-featured as the native Shibboleth SP client.  We discovered that
> EZProxy's SP could not handle chaining attribute authorities, which pretty
> much ruled that path out for us.  So we ended up setting up a simple
> shib-enabled proxy server application, which does all the authentication and
> authorization, then passes a verified request along to EZProxy.
> 
> But if your use case is simple (all your attributes come from the same IdP
> that handles the authentication), EZProxy's built-in SP should be fine.
> 
> -- Scott


- -- 
++++++++++++++++++++
Michael Berkowski
University of Minnesota Libraries
[log in to unmask]
612.626.6137
PGP Public Key: http://z.umn.edu/mjbpubkey
++++++++++++++++++++

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAldHYkIACgkQ01KJk46VC2ZYzwCfeiHdL4nz77ZXx8dUYdUtqrBa
7o0An0bONkkQMB+Hhwjw2gWgzVWyqo+A
=gLF4
-----END PGP SIGNATURE-----