...
- It should be noted that Internet2's COManage project is complementary to this project, as it focuses on authorizing and provisioning members of a Virtual Organization for LDAP-enabled applications. While it does include primitive exchange of user identity information via nightly LDAP queries, we believe COManage would benefit from our work on the exchange of identity information. Also, COManage provides an off-the-shelf solution for LDAP-enabled applications that can be leveraged within UC. Assuming implementation is approved for this project, potential collaboration with COManage should be pursued.
Work in Progress
Detail Design Whiteboard Working Session Diagram Pics:
- UP DD Working Session 1.JPG
- UP DD Working Session 2.JPG
- UP DD Working Session 3.JPG
- UP DD Working Session 4.JPG
- UP DD Working Session 5.JPG
- UP DD Working Session 6.JPG
- UP DD Working Session 7.JPG
- UP DD Working Session 8.JPG
- UP DD Working Session 9.JPG
...
Technical Implementation Thoughts
Wire Protocols
SCIM
- Lots of momentum in industry
- Still immature
- Elegant in it's simplicity
- Wouldn't be able to deliver range if data needed without significant further development
- We could influence the course and pace if it's maturation
SPML
- Not much uptake/active development in industry, with the exception of Oracle which relies heavily on SPML
SAML
- Well-known in higher Ed
- Higher Ed reps actively participate in standards bodies
- Mature enough to deliver wide range of attributes right away
- Relatively little interest from biggest industry players
Comparison
- The group compared different options on different criteria:
UCOP-Trappist-Magic-Quadrant-2.pdf
IdP toolkit
SP Toolkit
Related Links
...