...
A visio of the above is available, in case you'd like to play!
Next steps
~cantor.2@osu.edu Unlicensed user will draft initial specs for IdP enhancements needed to (1) support ECP and (2) add support for expressing policy that constrains delegation of proxy tokens.
~cantor.2@osu.edu Unlicensed user will draft initial specs for the overall flow (of which the above is an inaccurate but indicative form).
~battags Unlicensed user will review the above draft spec to ascertain degree of harmony with the existing CAS proxy flows.
~cantor.2@osu.edu Unlicensed user will enhance the shibboleth SP to provide suitable logging of and policy control over acceptance of proxy tokens.
~edalquist Unlicensed user will draft initial specs for the work needed to complete the servlet filter mentioned above, as well as recommendations for using the PersonDirectory and PAGS for storing SAML attributes and mapping the user to uPortal groups.
~awp9 Unlicensed user will review the various draft specs to ensure that together they produce a viable solution.
unknown will develop specs for a library (or whatever) to enable portlets to implement the ECP profile.
~tbarton Unlicensed user will identify or provide a space in which to continue collaborative work on this topic, and will coordinate with appropriate Internet2, Unicon, U Chicago, and other people to keep this effort on track.
~tbarton Unlicensed user will ensure that a portion of Unicon's engagement with U Chicago's uPortal deployment is assigned to this development activity.
~tbarton Unlicensed user will ensure that JISC is brought in to learn of any interest they may have in this effort.