Hi Gang, As part of some broader SAML 2.x integration work I am doing with Shiro (and specifically Nimble) I need to determine a method for assigning permissions to sessions based on a level of assurance attribute sent down from the users IDP via a SAML 2 assertion. Infact just generically I need to assign roles/permissions for the currently active session only so when the session dies so does the relationship.
Obviously I am going to need to look at the Nimble implementation for isPermitted/hasRole etc and do something to suit this case base but I figured perhaps someone else was doing something in this space as a starting point. cheers Bradley
