OpenSAML user discussion

["Garcia, Gene" <>]

Title: authentication questions

I've found the answer to #2. In SAML 1.1 you use a parameter named 'TARGET' in the request. In SAML 2.0 it's called 'RelayState'.

Still looking for an answer to the other question.

 

-Gene

-----Original Message-----
From: Garcia, Gene [mailto:]
Sent: Monday, July 11, 2005 3:55 PM
To:
Subject: authentication questions

I've got two questions for the group:
1) Is there a way for a service provider to send an authentication request for an unidentified user? For a user that the third party knows nothing about, they'd need to send an authentication request with no subject. In SAML2.0 that appears to be no problem, but in SAML1.1 (and hence, with opensaml) I don't see a way to do this. Am I missing something?

2) How can the third party include target url info (the url of the resource that a user requested that resulted in a need for authentication) in the authentication request? The third party will need to know where to send the user after the authentication.

BTW, I've added a "test" target and a "test-reports" target to the build.xml to be able to run the opensaml unit tests. The target definitions are slight modifications to those created by Matt Raible for his open source project 'Equinox'. Let me know if you'd like me to submit this mod.

Thanks.

-Gene