[OGSA-AUTHZ] VOMS Attribute Profile
Krzysztof Benedyczak
golbi at mat.uni.torun.pl
Thu Nov 29 02:44:20 CST 2007
Hi All,
Valerio Venturi wrote:
> On Tue, 2007-11-27 at 12:32 -0500, Tom Scavo wrote:
>> A relatively simple way to implement an Extended Mode X.509 Attribute
>> Query/Responder or Extended Mode X.509 Attribute Self-Query/Responder
>> (both server-side components) is to deploy a Shibboleth Attribute
>> Resolver in front of a VOMS attribute store. To do this, I would need
>> to understand the VOMS schema (which I don't, but I assume I could
>> look this up somewhere) but more importantly I'd need to know how to
>> map a VOMS attribute to SAML. We've talked about this some on this
>> list, but my question is: Is there a document that describes how to
>> map a VOMS attribute to SAML?
>>
>> I suspect there is no such thing, so it seems we need a VOMS Attribute
>> Profile for SAML, that is, a document that shows how to map VOMS
> There is no such thing yet, but there's some work in progress. Also
> Krzysztof Benedyczak is working on a service with a semantic similar to
> VOMS, a VO service, so we have been trying to unify the efforts and have
> a common VO SAML 2.0 Attribute Profile. Your help and expertise would be
> very much appreciate in finalizing it. I think that we may circulate the
> document here and start a discussion. Krzysztof, is that ok with you?
Yes, of course.
Best regards,
Krzysztof
More information about the ogsa-authz-wg
mailing list