Child pages
  • Structured Attributes

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Attribute Aggregation -> Structured (Maarten)
  • Structured Attributes - More Just Strings than just strings (Thomas L)

NOTES 

The scope of the discussion is about SAML attributes and how to transfer more complex attributes. Whether the attributes are transferred from the IdP to the SP or from an AP to an SP is not very relevant.

...

  •  the value attached to the attributes a possible architecture to aggregate attributes from different sources
  • a possible architecture to aggregat attributes from different sources

Clearly if attributes become more complex, applications would need to adapt their APIs to process them. Do we have use-cases for more structured attributes? Do SPs need structured attributes?

Olivier mentioned that some use-cases for more structure attributes appeared in the e-Learning sector. 

One way would be to provide both the simple value as well as the structured value. Those applications that cannot process the structured value would just ignore it.

We should be careful not to ship too much information for each authN. Maybe AP should be shipping the structured attributes.

...

It was agreed to decouple the problem in:

  1. Define the structured attribute 

...

  1. Define who wants structured attributes and how to make them consumable for SPs. A couple of use-cases were presented (Roland, Clarin, Olivier).

...

  1. How do you present the aggregate attributes from different source?

 

Action: for those attending this section, to provide use-cases that would benefit from structured attributes. Ideally the use-case should be presented with:

...

  •  describe the authorisation decision in words 

...

  •  list potential attributes to support this

...

  •  identify the sources of these attributes

 

 

 

...

Use case: e-learning

  • User is subscribed to multiple courses and has different roles in the different courses
  • In most courses the user is participant, but in one course the user is teacher and in other the user is assistant
  • The course management system where teachers publish their courses, assign assistants to courses and students subscribe to courses

 

NOTES

Licia - can we work to provide people who come to us for help with some solutions?

...