mace-opensaml-users - Re: SAML1.x or SAML2.x?
Subject: OpenSAML user discussion
List archive
- From: Scott Cantor <>
- To: "Pantvaidya, Vishwajit" <>
- Cc:
- Subject: Re: SAML1.x or SAML2.x?
- Date: Fri, 21 Apr 2006 19:01:07 -0400
Pantvaidya, Vishwajit wrote:
Sorry for posting this here but was a very quick one - As I go through> SP, and I send a Shib auth request to the IdP, would the IdP need to be
Shibboleth docs, I am wondering if, presuming we use Shibboleth for our
Shib-aware to be able to handle the request.
Yes. Tom tried to explain that SAML 1.1 doesn't include an AuthnRequest message. Most deployments of SAML just hack around the problem somehow. Shibboleth just formalized the hack so that if people want to interop with it, they know how.
It's possible to push from the IdP, but you don't do it from the SP side. You need to build a portal page running somewhere with links that trigger the IdP->SP flow you want. That page is generally proprietary to each SAML 1.1 IdP because that step isn't part of the spec.
-- Scott
- Re: SAML1.x or SAML2.x?, (continued)
- Re: SAML1.x or SAML2.x?, Tom Scavo, 04/20/2006
- RE: SAML1.x or SAML2.x?, Scott Cantor, 04/20/2006
- RE: SAML1.x or SAML2.x?, Pantvaidya, Vishwajit, 04/20/2006
- Re: SAML1.x or SAML2.x?, Tom Scavo, 04/21/2006
- RE: SAML1.x or SAML2.x?, Pantvaidya, Vishwajit, 04/21/2006
- Re: SAML1.x or SAML2.x?, Tom Scavo, 04/21/2006
- RE: SAML1.x or SAML2.x?, Pantvaidya, Vishwajit, 04/21/2006
- Re: SAML1.x or SAML2.x?, Tom Scavo, 04/21/2006
- RE: SAML1.x or SAML2.x?, Pantvaidya, Vishwajit, 04/21/2006
- RE: SAML1.x or SAML2.x?, Pantvaidya, Vishwajit, 04/21/2006
- Re: SAML1.x or SAML2.x?, Scott Cantor, 04/21/2006
Archive powered by MHonArc 2.6.16.