Bugzilla – Bug 5565
Remove AAIdentity configuration
Last modified: 2008-04-25 21:12:03
You need to
before you can comment on or make changes to this bug.
Remove the AAIdentity configuration (internally the constant name for this
config is AUTHZ_IDENTITY_KEY).
AAIdentity: "This value is the certificate identity of the Shib AA. If this is
included, the https connection to the AA will only be authorized if the AA's
Since we are now mainly using SAML metadata (programmatic AA configuration is
possible though), this configuration does not make sense. It is really a
holdover from when one attribute authority was specified directly in the query
The only clientside authorization (here the client is the query PIP) possible
now is host based authorization. SAML metadata does not allow for particular
DNs for particular attribute authorities to be specified.
Committed to gridshib_gt_0_6_0_branch