...
A visio of the above is available, in case you'd like to play!
Next steps
Unlicensed user Scott Cantor will draft initial specs for IdP enhancements needed to (1) support ECP and (2) add support for expressing policy that constrains delegation of proxy tokens.
Unlicensed user Scott Cantor will draft initial specs for the overall flow (of which the above is an inaccurate but indicative form).
Unlicensed user ScottS will review the above draft spec to ascertain degree of harmony with the existing CAS proxy flows.
Unlicensed user Scott Cantor will enhance the shibboleth SP to provide suitable logging of and policy control over acceptance of proxy tokens.
Unlicensed user Eric Dalquist will draft initial specs for the work needed to complete the servlet filter mentioned above, as well as recommendations for using the PersonDirectory and PAGS for storing SAML attributes and mapping the user to uPortal groups.
Unlicensed user Andrew Petro will review the various draft specs to ensure that together they produce a viable solution.
unknown will develop specs for a library (or whatever) to enable portlets to implement the ECP profile.
Unlicensed user Tom Barton will identify or provide a space in which to continue collaborative work on this topic, and will coordinate with appropriate Internet2, Unicon, U Chicago, and other people to keep this effort on track.
Unlicensed user Tom Barton will ensure that a portion of Unicon's engagement with U Chicago's uPortal deployment is assigned to this development activity.
Unlicensed user Tom Barton will ensure that JISC is brought in to learn of any interest they may have in this effort.