Athens DA Protocol

From RavenWiki
Revision as of 12:36, 18 May 2007 by jw35 (talk | contribs) (Created)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

{shib-project}

As I understand it, the Shib->Athens gateway effectively uses EduServ's proprietary Athens DA protocol once you've actually authenticated. Details of the protocol are not available to the likes of us, but here are some notes on aspects of it that I have deduced.

Identifiers

The protocol apparently transfers at least two attributes to the content provider: a user name and a persistent unique ID. When using the gateway, the user name is a 20-character random string starting '_' and the persistent unique ID is set from the eduPersonTargetedID provided by Shib. Apparently there is no guarantee that the random user names won't change, though they don't at the moment.

Cookies

  • ath_ldom, domain .athensams.net, expires 2012: contains providerID, appears to drive the Home Domain Discovery service
Retrieved from "https://wiki.cam.ac.uk/wiki/raven/index.php?title=Athens_DA_Protocol&oldid=1711"