US Federations Discussion

[Tom Scavo <>]

Hi Ying,

> We have a case where a professor at University of Southern Denmark
> (SDU) would like his students to access a Moodle application
> provided at UCLA. The Moodle application is an InCommon SP. A little
> research led me to believe that SDU is a member of Danish e-identity
> federation WAYF. WAYF is a SAML 2 federation that supports some
> eduPerson attributes including eduPersonPrincialName. I wonder if
> anyone out there knows about any possible solution of
> inter-federational SSO that might allow user from a WAYF IDP to
> access an InCommon SP.

This is a very reasonable request. However, there is no easy way to 
accomplish this. Currently there is no interfederation agreement between 
InCommon and WAYF.

> If this scenario is currently not practical,
> would bi-lateral integration (metadata exchange) with WAFY or SDU
> IdP be reasonable alternatives?

Yes, that is always a possibility. Of course all it takes is a few 
repetitions of this exercise and we're back to square one, that is, how do we 
interfederate in general.

> Any other practices that address similar use cases?

I've heard of a number of similar use cases but as of yet there is no general 
solution to this problem.

Hope this helps,

Tom Scavo
Operations Manager
InCommon.org
https://twitter.com/trscavo