Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1018

Issue CAS tickets that don't require server-side storage

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.3.0
    • Component/s: CAS
    • Labels:
    • Operating System:
      Multiple

      Description

      We've discussed the possibility of supporting a crypto-based CAS ticket format that would recover the necessary state at runtime from the ticket, in the same way the IdP can recover subject data from a transient ID for queries across nodes.

      Main issue is the length becoming too long depending on the data needed, but in the case of queries today, we live with the fact that we re-resolve attributes on the back-channel even after doing it on the front-channel, and rely on caching to handle the overhead, and it's always worked pretty well.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serac@vt.edu Marvin S Addison
              Reporter:
              cantor.2@osu.edu Scott Cantor
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 7 hours
                  1d 7h