This document delves into the strategic role that LDAP (Lightweight Directory Access Protocol) plays as a data repository for Service Providers (SPs). It assumes established SP attribute release policies while analyzing data simplicity with SCIM (System for Cross-domain Identity Management) and code richness in LDAP implementations. The discussion encompasses various aspects, including SAML (Security Assertion Markup Language) integrations, push/pull protocols, just-in-time provisioning, and the implications of federated identity management within cloud environments and dynamic changelogs.
Trappist Magic Quadrants
Assumptions:
• From SP perspective (i.e. being an SP)
• LDAP = a data repository for an SP or an app
• Assume established SP Attribute Release Policies
data simplicity SCIM LDAP data richness SAML SPML
code simplicity SCIM LDAP code existence SPML SAML
push protocol support LDAP SPML SAML+Change Notify pull protocol support SCIM (SP acting as REST endpoint)
just-in-time SPML SAML+CN LDAP just-in-case SCIM
pull bootstrap SP existing SP changelog snapshot one thing everything batch subscription push
Kuali Ready LDAP* SCIM SAML* Payroll SAML LDAP SPML
LDAP* = Virtual Federated LDAP
SAML* = SAML + Change Notify
cloud federated
IDMS interface SP interface