Perl 6 - the future is here, just unevenly distributed

IRC log for #shibboleth, 2013-08-23

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
15:28 christo_m joined ##shibboleth
15:28 christo_m Is everyone idling?
17:13 pdurbin christo_m: always
17:13 pdurbin what's on your mind?
17:21 christo_m pdurbin: this is the shibboleth, as in
17:21 christo_m federated single sign on stuff
17:21 christo_m i just had a question regarding how to forward to a default provider
17:22 christo_m pdurbin: right now i have this: http://cln.utoronto.ca/secure  , however i have to manually select the institution
17:22 christo_m looking at teh CANARIE site, i couldnt determine how to default to a specific IDP with the WAYF discovery
17:22 christo_m also, regarding logging out properly, should i be redirecting to the IDP? because i know i can just kill the session locally with Shibboleth.sso/Logout, but im wondering if theres a more elegant solution
17:40 pdurbin christo_m: that drop down seems pretty nice. can remember for a week. what if it could remember for longer? would that meet your needs?
17:40 christo_m Ideally I'd like to just default to something instead
17:40 christo_m Seems like that isnt possible
17:40 christo_m At any rate, im not in charge of how the Canarie people do their thing
17:41 christo_m they're the big canadian federated network, and my job is just to make sure my SP integrates with the system
17:41 christo_m It just sucks that coming from a U of T site, I would like to default to U of T, not see all the choices for educational institiutions in Canada
17:42 pdurbin yeah
17:45 christo_m and as far as the other issue of logging out
17:45 christo_m what do you suggest
17:45 christo_m do you just kill the session locally?
18:03 pdurbin hmm, sorry, I'm really not sure. I'd ask on the mailing list
18:03 christo_m meh whatever i emailed there ITS people
18:03 christo_m ill probably look like an idiot but its k
18:04 pdurbin k
18:09 christo_m hahah
18:09 christo_m "k"
18:09 christo_m EXACTLY
18:18 pdurbin :)
19:42 christo_m pdurbin: figured it out
19:42 christo_m http://www.switch.ch/aai/support/serviceproviders/sp-compose-login-url.html
19:42 christo_m just generated a link that goes directly to their idp entity
19:43 pdurbin \o/
19:43 christo_m shibboleth is very silly
19:43 christo_m and even more silly are the organizations using it
19:43 pdurbin :)
19:43 pdurbin we aren't using it yet. soon!
19:44 christo_m i think universities just like using complicated things like this
19:44 christo_m LDAP, etc
19:44 christo_m i guess theyve been around for a long time also so theyre pretty solid
19:45 pdurbin LDAP is fine
19:45 christo_m man have you ever set that thing up?
19:45 pdurbin ask me in a few months about shibboleth ;)
19:45 christo_m it took me like a full day of tinkering on a nix box
19:45 christo_m i think i spoke to you last time
19:45 christo_m a couple months ago
19:46 christo_m i was just trying to set up a small test case with two VM's
19:46 christo_m it took me like a week
19:46 christo_m but i got the SP and IDP talking, the idp doing a lookup through LDAP
19:46 christo_m and populating attributes
19:46 christo_m on top of that apache proxying to tomcat with an AJP connector , (im all new to this stuff btw)
19:46 christo_m apache doing the shib redirects
19:58 pdurbin christo_m: this is all I've done. also a VM: https://github.com/dvn/shibpoc
20:11 pdurbin so yeah, I'm new to it too

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary