Overview

After login at a service the service (SP) may be missing some information or requirements of the login, for example

  • Too few attributes sent from the IdP
  • Required attribute value is not sent from the IdP
  • The service requires REFEDS MFA capability of the IdP but not supported by IdP (according to IdP Metadata)
  • The IdP doesn't seem to support the forceAuthn SAML flag (either a SAML error from the errorURL or the AuthenticationInstant is not refreshed

There currently is no best-practice for how a service should inform users of non-technical shortcomings of logins. It would be convenient if IdP's could supply URL's to different support pages that services could referer to depending on pre-defined problems with logins. Many login problems are not detected until after login.

ACAMP at TechEx had a session regarding this. Notes and Post-ACAMP work are available at https://bit.ly/2rOYgl1

Terms

The following terms apply to all REFEDS Working Groups:

  1. When a working group is agreed, REFEDS Participants will be asked if they wish to participate. Working Groups tend to be small, so consensus can be achieved quickly between participants.
  2. A chair for the group is chosen from the REFEDS Participants.
  3. GÉANT provides facilities for the working group, including meeting support, wiki space, mailing lists and, where appropriate, funding.
  4. An appropriate output from the group is produced. Currently, this is typically a draft white paper or a wiki page.
  5. When the Working Group is in agreement, the chair shares the outputs with the wider REFEDS community with an open period for discussion and comment. This is typically a period of 4 weeks, but may be longer if appropriate.
  6. After this period of time, the REFEDS Steering Committee signs off on the work item. Work is either written up as a formal white paper, left on the wiki but promoted as finished work or occasionally submitted as an Internet Draft.

Mailing List

https://lists.refeds.org/sympa/info/error-handling

(a Slack channel is also available on the eduGAIN slack instance)

Chair

Fredrik Domeij (SWAMID)

Deliverables

Meeting Notes

Timeline

  • Initial proposal target date: mid-March 2020



  • No labels