Menu
▾
▴
Re: [Bodington-developers] SP testing on wiki
|
From: Colin T. <col...@ou...> - 2006-07-05 12:58:35
|
Although I agree with most of what you say (I think) it doesn't seem to address what I was suggesting/asking? (Maybe it wasn't supposed to :-) ) 1) Can the SP bit be turned off by default, or re-configured so that the *Shibb* route is via a different URL? 2) Is the SP code already in HEAD? Although I agree having a different login route for Shibb isn't as good as a Shunnel(!) releasing 2.8 with different URL Shibb is better than not including it at all, especially if we have to take the code out of HEAD? Colin Alistair Young wrote: > Let me clarify first, that the issue is with bod itself, not with > what Atif has produced as a shibb module. I suspect the hand of > politics involved and as we all know, developers are it's servants. > > It would seem that local demands have impinged upon the gx philosophy > of minimal disruption. e.g. the bod IdP runs without normal users' > knowledge and the SP should do the same. We, the gx project as a > whole, could have caught this earlier if we'd known about it but we > didn't so we couldn't. As the gx project is not about custom coding > to local demands then I would say it's fair to ask Atif or someone > Leeds can nominate to remove the implications of those local demands > and bring bod in line with the minimal philosophy. > > This means providing a separate shibb route into bod. We've seen it > before with webauth etc so it's possible and is arguably the way it > should have been. > > As it stands, it's unacceptable to change the way an institution's > users work just so that a feature of the vle can be tested. When > opening your vle to shibbed users means inconveniencing your own > users, then we have failed. It's bad practice and bad publicity that > will only harm bod in the long run. > > The Guanxi and SOCKET projects enjoy a symbiotic relationship so > let's not disturb that. Instead, let's find a way out of this that is > benficial to all concerned. Whether that means subcontracting to > someone who knows enough about bod to implement this is a matter for > discussion. > > Indeed, we know of someone who is currently available and is fresh > from testing bod and has some shibb knowledge to boot ;) > > Alistair > > > On 5 Jul 2006, at 12:57, Colin Tatham wrote: > > >>Sean Mehan wrote: >> >>>well, what it does mean is that >>> >>>1) GX isn't done, still; >>>2) 2.8 will ship with no SP support unless we delay the 2.8 release >>>for an indeterminate amount of time. >> >>Are the problems with the SP that bad that we remove it for 2.8? >>I think the main one is the fact that you can't use the same login >>route for Shibb and normal Bod >>auth (and the fact that sysadmin has to go via /opensite/). If it's >>possible to release it with the >>SP stuff turned off, it will work as normal, and if people want to >>test the SP, they follow some >>short instructions to enable it (and find out that they have to now >>login via /opensite/ as sysadmin)? >> >>Colin >> >> >> >>>If it is the case that we still haven't finished GX (with the SP in >>>bod being a component of that), then, I suppose that we are beholden >>>to Leeds to find the time for >>>their current project, which is still giving them money, in order to >>>complete a project for which they received all of their money some >>>time ago. >>> >>>As for 2, all things being equal, its a ++2 from me to ship Bod 2.8 >>>with no SP support. >>> >>>s >>> >>> >>>On 5 Jul 2006, at 12:13, Alistair Young wrote: >>> >>> >>> >>>>nae probs wee man! >>>> >>>>On 5 Jul 2006, at 12:16, Atif Suleman wrote: >>>> >>>> >>>> >>>>>Thanks Alistair for the feedback: >>>>>http://www.bodington.org/wiki/index.php? >>>>>title=TestRel2.8#Shibboleth_Functionality >>>>> >>>>>Any work on bodington-sp will have to wait until Socket project is >>>>>finished at the end of the month. >>>>> >>>>>Ta >>>>>Atif. >>>>> >>>>> >>>>>Sean Mehan wrote: >>>>> >>>>> >>>>> >>>>>>On the SP side, Atif, can you fix the things Al has found there, >>>>>>including the documentation? We really need the SP to work as a >>>>>>final >>>>>>output for GX. >>>>>> >>>>>>Thanks, >>>>>>S >>>>>> >>>>>> >>>>>> >>>>>>On 5 Jul 2006, at 10:38, Alistair Young wrote: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>>I've updated the testing page: >>>>>>>http://www.bodington.org/wiki/index.php? >>>>>>>title=TestRel2.8#Shibboleth_Functionality >>>>>>> >>>>>>>Good work Atif on the sp module but bod itself just isn't ready >>>>>>>to be >>>>>>>an sp IMHO. >>>>>>> >>>>>>>Alistair >>>>>>> >> >>-- >>____________________________________ >>Colin Tatham >>VLE Team >>Oxford University Computing Services >> >>http://www.oucs.ox.ac.uk/ltg/vle/ >>http://bodington.org >> >>Using Tomcat but need to do more? Need to support web services, >>security? >>Get stuff done quickly with pre-integrated technology to make your >>job easier >>Download IBM WebSphere Application Server v.1.0.1 based on Apache >>Geronimo >>http://sel.as-us.falkag.net/sel? >>cmd=lnk&kid=120709&bid=263057&dat=121642 >>_______________________________________________ >>Bodington-developers mailing list >>Bod...@li... >>https://lists.sourceforge.net/lists/listinfo/bodington-developers > > > > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > Bodington-developers mailing list > Bod...@li... > https://lists.sourceforge.net/lists/listinfo/bodington-developers > > -- ____________________________________ Colin Tatham VLE Team Oxford University Computing Services http://www.oucs.ox.ac.uk/ltg/vle/ http://bodington.org |
