mace-opensaml-users - Re: Session timeout at IdP | SAML 1.1
Subject: OpenSAML user discussion
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: Session timeout at IdP | SAML 1.1
- Date: Wed, 01 Feb 2006 09:03:33 -0500
- Organization: UIS - Project Sentinel
Hey Rajesh,
SAML 1.X (and thus OpenSAML 1.1) is really stateless, in the sense that there is no defined concept of a session (the transport protocol used is also stateless). So, you're not going to find what you're looking for in the OpenSAML code base, even in 2.0.
Instead, as Tom suggested, you probably want to look at Shibboleth (http://shibboleth.internet2.edu) which is an implementation of the SAML IdP and SP concepts for use with web based applications. A number of schools have deployed Shibboleth as an SSO so it does have the ability to be used as such. Shibboleth 2.0 will, in my opinion, be the first release of Shibboleth that really brings standard SSO features (such as session timeouts) to the table. So, if you can wait 6-9 months Shib 2 might be a good solution for you.
Please let me know if you have any questions. Thanks.
wrote:
Hi,
We are planning to work on a opensaml 1.1 implementation for SSO,
implementing the browser artifact profile.
I was wondering as to how does SAML handle (if at all it handles) Session
timeout at the IdP, while the user is working at SP.
Any pointers in this regard would be highly appreciated.
Thanks and Regards,
Rajesh Narayan
--
Chad La Joie 2052-C Harris Bldg
OIS-Middleware 202.687.0124
- Session timeout at IdP | SAML 1.1, narayan . rajesh, 02/01/2006
- Re: Session timeout at IdP | SAML 1.1, Tom Scavo, 02/01/2006
- Re: Session timeout at IdP | SAML 1.1, Chad La Joie, 02/01/2006
Archive powered by MHonArc 2.6.16.