shibboleth-dev - RE: standalone authentication request to the Identity provider
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: standalone authentication request to the Identity provider
- Date: Thu, 15 Dec 2005 11:08:02 -0500
- Organization: The Ohio State University
> Can you tell me if the following is correct?
Why not just read the Shibboleth spec? The format is defined there.
> Taking into account this URL, I understand that the target is the final
> resource I want to access (although I don't know why it is
> needed in the authentication request)
It's not, but SAML requires a TARGET value in the response, so that is the
value used. Put whatever you want.
> and the shire is an HTTP service to which the
> AuthenticationStatement will be sent. This service must then access the
> AA to get the user's attributes and perform the authorization tasks to
> decide if the user finally can access to the target.
That is the location at which the SAML message is sent. Whether a query
happens depends on other factors and is not required.
-- Scott
- standalone authentication request to the Identity provider, Manuel Sánchez Cuenca, 12/15/2005
- Re: standalone authentication request to the Identity provider, Tom Scavo, 12/15/2005
- Re: standalone authentication request to the Identity provider, Manuel Sánchez Cuenca, 12/15/2005
- RE: standalone authentication request to the Identity provider, Scott Cantor, 12/15/2005
- Re: standalone authentication request to the Identity provider, Manuel Sánchez Cuenca, 12/15/2005
- Re: standalone authentication request to the Identity provider, Tom Scavo, 12/15/2005
Archive powered by MHonArc 2.6.16.