[jboss-dev-forums] [Design of JBoss Identity] - Re: descentralized identity Federation component
aamonten
do-not-reply at jboss.com
Wed Mar 11 14:44:45 EDT 2009
"anil.saldhana at jboss.com" wrote : It is just one of the use cases possible.
|
| It should be pretty straight forward to implement this use case as a valve/servlet filter and tie it with the container security.
|
| The question would be what trust information gets associated with the user name that floated in? Maybe the digital signature of the sender with whom the IDP has trust relationship.....
I'm more concerned about the user identifier, SP-1 could have use the username identifier while SP-2 could use the email as the identifier then there is a problem by matching the identifiers.
Does any know if there are a standard for these? I have been looking at the "Name identifier Management Profile" but not sure if it's the adequate, as I see it to open and want avoid creating something none standard.
Maybe a kind of alias service that manage the mappings of ids related to unique identifier...
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4217129#4217129
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4217129
More information about the jboss-dev-forums
mailing list