Wouldn't a swap installed instance use Sentinel? Alleviating the need for such tight integration with shibboleth? If not, Matt I may someday need to get a download from you on how we can utilize shibboleth for authentication purposes in our web environment here at UR. Chris Harper INFORMATION TECHNOLOGY SPECIALIST University Relations / Michigan State University 401 Olds Hall, East Lansing, MI 48824-1047 Email: [log in to unmask] / Direct: 517.355.9980 Web: http://ur.msu.edu / Cell: 517.290.5496 -----Original Message----- From: Matt Kolb [mailto:[log in to unmask]] Sent: Friday, December 14, 2007 1:20 PM To: Harper, Chris Cc: [log in to unmask] Subject: Re: [MSUNAG] Fwd: Today's SWAP Presentation On Dec 14, 2007, at 10:50 AM, Harper, Chris wrote: > Why would it require a PID or a zPID? I see no use for that data for > SWAP type system. MSU NetID is unique enough... If we integrated MSU auth with SWAP, we would be use the UUID as the foreign key in the system (everyone has one, they are guaranteed to be unique in time and space, and they never go away). NetID on the other hand doesn't have any of those properties. The person would *LOGIN* with their NetID likely through shibboleth, then the attributes of UUID, name, affiliation, or whatever else we need would be released to SWAP on a per-visit basis. ./mk -- Matt Kolb <[log in to unmask]> Academic Computing & Network Services Michigan State University