mace-opensaml-users - RE: authentication questions
Subject: OpenSAML user discussion
List archive
- From: "RL 'Bob' Morgan" <>
- To: "Garcia, Gene" <>
- Cc:
- Subject: RE: authentication questions
- Date: Mon, 11 Jul 2005 17:37:54 -0700 (PDT)
So in 1.1, it looks like the request sent to the IdP just contains a "Target" parameter without an accompanying SAMLRequest. That's unfortunate. There's a lot that the AuthnRequest allows for that is apparently just not possible with SAML 1.1.
Yep. In any scenario where the SP wants to influence the kind of authentication that's done by the IdP, doing this with SAML 1.1 means doing proprietary extensions. On the other hand, the AuthnRequest element is one of the most complicated in SAML 2, and that's not even counting the AuthnContext stuff, which is its own 70-page document. So just because you can ask for it doesn't mean the IdP knows how to give it to you.
- RL "Bob"
- authentication questions, Garcia, Gene, 07/11/2005
- Re: authentication questions, RL 'Bob' Morgan, 07/11/2005
- Re: authentication questions, Tom Scavo, 07/11/2005
- <Possible follow-up(s)>
- RE: authentication questions, Garcia, Gene, 07/11/2005
- RE: authentication questions, Scott Cantor, 07/11/2005
- RE: authentication questions, RL 'Bob' Morgan, 07/11/2005
- RE: authentication questions, Garcia, Gene, 07/11/2005
- RE: authentication questions, RL 'Bob' Morgan, 07/11/2005
Archive powered by MHonArc 2.6.16.