Placeholder for discussion of Portal Design issues.
SP Integration
- Exposing attributes from SP to portlets
- Limiting access to attributes based on the portlet
Portal/Portlet Security Token Handoff
- Mechanism for portlet to ask for an assertion to proxy with
- Encoding of assertion back to portlet
Portlet Client Library
- Need an HTTP client API allowing access to WSPs while handling authentication internally
- Client stack needs support for TLS client and server authentication, cookies, and whatever features WSPs would impose
- Internals must support detection of ECP requests, Liberty-defined interactions with IdP, and handling ECP responses