Hi,
exactly as Peter S. said: "The task would therefore be to fix the system to provide stats consistently, no matter the access method. Because there's no technical reason this couldn't be done in those two scenarios."
BTW it is great to find requested attributes by Cambridge Core SP in eduID.at metadata [1] since requested attributes are missing in eduGAIN metadata [2], unfortunately.
I am not sure whether eduPersonScopedAffiliation is sufficient there for faculty usage statistics. I believe that the most universities provide faculty affiliations in eduPersonEntitlement rather than in eduPersonScopedAffiliation.
Best regards
Jiri
1. https://met.refeds.org/met/entity/https%253A%252F%252Fshibboleth.cambridge.o... 2. https://met.refeds.org/met/entity/https%253A%252F%252Fshibboleth.cambridge.o...
On Fri, Apr 5, 2019 at 8:03 PM Peter peter.gietz@daasi.de wrote:
If I understand the use-case correctly it is all about statistics: how many users of the organisation have been using which offerings. And after having collected such stats in a trial period, the contract will only include those offerings that have been used often enough. If the publisher's software that does such stats, only counts on IP-range basis, it will need to be modified. I don't think that client IP address helps in the SAML case, but may be I missed what you wanted to say.
Cheers,
Peter G.
Am 05.04.19 um 18:24 schrieb Peter Schober:
- Peter peter.gietz@daasi.de [2019-04-05 18:13]:
How are we to fix such issues? Should we have sentences like "publishers who push for FIM should also align their software offerings accordingly"
I don't even understand why they should be able to provide such stats for non-personally identifiable access from IP ranges but not for non-personally identifiable access from any IP address but authorised by a SAML IDP: In both cases they have the client IP addresses, in both cases they need to perform authorisation checks (IP, SAML attribute), in both cases they lack an identifier to reliably map access requests to individuals.
The ask would therefore be to fix the system to provide stats consistently, no matter the access method. Because there's no technical reason this couldn't be done in those two scenarios.
-peter _______________________________________________ FIM4L mailing list FIM4L@lists.daasi.de http://lists.daasi.de/listinfo/fim4l
-- _______________________________________________________________________
Peter Gietz (CEO) DAASI International GmbH phone: +49 7071 407109-0 Europaplatz 3 Fax: +49 7071 407109-9 D-72072 Tübingen mail: peter.gietz@daasi.de Germany Web: www.daasi.de
DAASI International GmbH, Tübingen Geschäftsführer Peter Gietz, Amtsgericht Stuttgart HRB 382175
Directory Applications for Advanced Security and Information Management _______________________________________________________________________
FIM4L mailing list FIM4L@lists.daasi.de http://lists.daasi.de/listinfo/fim4l