[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-dev
Subject:    Re: Metadata support: EntitiesDescriptor/@Name handling
From:       "Cantor, Scott" <cantor.2 () osu ! edu>
Date:       2013-08-19 14:11:04
Message-ID: BA63CEAE152A7742B854C678D9491383BDE49BE7 () CIO-KRC-D1MBX01 ! osuad ! osu ! edu
[Download RAW message or body]

On 8/19/13 9:56 AM, "Ian Young" <ian@iay.org.uk> wrote:
>
>Yes, actually.  I know it's rare that I say that, but I thought it was
>justified in this case as long as people who really require the previous
>effects have an alternative way to achieve them.
>
>My recollection is that this (splitting @Name out of the relying party
>name match functor) was discussed some time back and we had decided to
>make that break.  I know Chad and I both felt it was appropriate.  If I'm
>labouring under a misapprehension or a mis-recollection then I guess we
>should continue the discussion.

I think the discussion dates back to the earliest assumptions about the V3
config changes. I don't think we've talked much about relying-party.xml
since we made the switch back to compatibility with the existing files for
the most part.

I haven't looked at the schema or thought about how we might introduce
pluggability there, if we can.

>Does the Java code ever look up by @Name at this point?  I was assuming
>that the interesting place was the attribute release policies, or in
>general some post-lookup "does the entity I have in my hand have this
>@Name" kind of situation.

I'm not sure what you mean by Java code here. We don't do anything but
entityID lookup for trust purposes, if that's what you mean.

-- Scott


--
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]