~cantor.2@osu.edu asked for use cases to support possible shibboleth work in each of several areas, and ~battags similarly polled for interest in some potential areas for CAS development. These are listed below. Some ideas for additional sessions also arose.
Possible shibboleth development areas
S1. Dynamic user consent for attribute release
S2. N-tier, e.g., shibboleth support for user proxying in uPortal
S3. Card Space
S4. Attribute aggregation, ie, making attributes from multiple Sources of Authority appear at session creation time. Examples
- Virtual Organization management
- Age verification
- Integration of systems across state systems of higher ed
- Integration of systems between a campus and its medical center
- Distance learning in a state system
S5. Java SP
There are 2 or 3 independently developed ones, aren't they enough?
Possible areas for CAS, or CAS-Shib, development
C1. CAS + Shib cohabitation patterns
What guidance can we offer to campuses that have deployed CAS and want to also get into shibboleth? One requirement: there should be no additional logins required.
C2. CAS2shib and shib2CAS gateways
C3. CAS & shib roadmap harmonization
C4. CAS 4 protocol
C5. Better CAS management tools
C6. Support for transitioning users from using external accounts to using campus-based accounts, e.g., as they matriculate. This might just amount to CAS accepting OpenID somehow.
C7. Build a better java OpenID IdP
C8. Assess how CAS or shib fit with OAuth.