GridShib Attribute Exchange Profiles
GridShib Attribute Pull and Attribute Push are analogous to Shibboleth Attribute Pull and Attribute Push. The distinction is whether or not the Shib !IdP pushes attribute assertions alongside of authentication assertions. Like Shibboleth Attribute Push, GridShib Attribute Push may be used in those cases where there is no clear communication channel between domains A and B. Also, Attribute Pull assumes a trust relationship between the Grid SP and the !IdP, which may be more appropriately handled by a centralized SAML provider (see the GridShib Non-Browser Profiles).