Perl 6 - the future is here, just unevenly distributed

IRC log for #shibboleth, 2017-01-23

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
02:48 ilbot3 joined ##shibboleth
14:33 Es0teric joined ##shibboleth
14:39 Es0teric joined ##shibboleth
15:00 misilot joined ##shibboleth
15:01 misilot left ##shibboleth
15:05 Es0teric joined ##shibboleth
15:07 misilot joined ##shibboleth
15:08 misilot left ##shibboleth
15:12 Es0teric joined ##shibboleth
16:25 quenode joined ##shibboleth
16:25 quenode Hi
16:32 Es0teric joined ##shibboleth
16:49 pdurbin what's up quenode
16:49 quenode Hi guys
16:50 quenode I have question is shibb overhead for small organization.  We are using freeipa
16:50 quenode But would like to allow are clients access via oauth2  to dev servers
16:54 pdurbin ok
16:56 quenode pdurbin: is it smart do ditch the freeipa and use shibb for all stuff :)
17:14 pdurbin I'm not sure. I've never used freeipa. I wonder if that's the old Netscape code. I seem to remember o=NetscapeRoot.
17:26 quenode pdurbin: its missing a lot of stuff can you do direct ldap queries to  shibb ?
17:29 pdurbin no
17:30 pdurbin Do you need help understanding what Shibboleth is?
17:30 quenode Yes
17:32 pdurbin Here's my definition: "Shibboleth is an implementation of the Security Assertion Markup Language (SAML) protocol which is similar in spirit to systems used by many webapps that allow you to log in via Google, Facebook, or Twitter." http://guides.dataverse.org/en/4​.6/installation/shibboleth.html
17:32 quenode pdurbin: ship is SSO right  :)
17:33 quenode pdurbin: I was thinking maybe ship has it's own ldap server ?
17:33 quenode pdurbin: not just a connector to ldap or AD
17:33 pdurbin Well, the passwords need to be stored somewhere.
17:35 pdurbin cyberlard dstanek ekarlso_ Es0teric pv2b srg synaptech: Do any of you run a Shibboleth Identity Provider (IdP)? I only run the Service Provider (SP) part, quenode.
17:36 pdurbin I think it's ok to think of Shibboleth as a connector.
17:36 quenode pdurbin: yes I all good then i would need freeipa than connect shib to that
17:38 quenode pdurbin: but all good thx for clarification
17:49 pdurbin you're welcome
17:50 dstanek pdurbin: i only run the SP
17:52 cyberlard pdurbin not on production yet
18:17 srg Our Identity Management department runs the IdP. Several, actually. Production and non-production.
18:17 srg I don't run it personally.
18:22 srg Also, just saying, it's a big rude to highlight everyone on a channel
18:23 srg I wasn't active in here because I'm at work focusing on something
18:35 pdurbin I meant no offense.
19:03 synaptech I actually don't even run the SP :P
19:04 synaptech but I'm using TestShib to help troubleshoot an SP I worked on that uses OpenSAML
19:17 pdurbin cool
19:30 Es0teric pdurbin yes... but i was not the one that set it up nor do i interact with it
19:34 pdurbin ok, thanks
19:45 synaptech I've started to look into getting the IdP set up on a box here so we don't have to rely on outside tools but haven't gotten too far with it
20:12 pdurbin I added a "dev mode" to the app I work on so for the most part I can get by without running an IdP.

| Channels | #shibboleth index | Today | | Search | Google Search | Plain-Text | summary