shibboleth-dev - Re: SAML Artifact attribute
Subject: Shibboleth Developers
List archive
- From: "Tom Scavo" <>
- To:
- Subject: Re: SAML Artifact attribute
- Date: Wed, 26 Apr 2006 10:23:49 -0400
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ah09eqkqBVNDZFxjJKCt5oOeQFqp/vpOfVg2w20hJb3/jFXQErNpx0QwM8udSRGVE/j2Om+fH5Pb8sX4qE0oa5lF1IL0tRbIzXNQ7WNLsIgTiTCUZGXIKdL/0FnF/RFgfIp/YjnPxlmJYIkKF6KF3hW8crgiGBZbZ6h/akEC4tM=
On 4/26/06,
<>
wrote:
> What is SAML artifact ?
An artifact is a reference to a SAML assertion, passed from an IdP to
an SP, dereferenced in a later back-channel exchange. This is in
contrast to Browser/POST where the actual assertion is passed by
value.
> While HS (IDP) responds after authentication to
> ACS (SP), it is sending the target URL and the SAMLResponse, is there
> anyway i can get the SAML artifact attribute as well.
An artifact is not an attribute. It is passed in the redirection URL
from IdP to SP. The SP takes the artifact and sends it in a
back-channel SOAP request to the IdP who returns the corresponding
assertion.
Basically, an artifact precludes the need to send SAML assertions
through the browser. Depending on your particular use case, this may
be a Good Thing.
Tom
- SAML Artifact attribute, johnson.kaniampurath, 04/26/2006
- Re: SAML Artifact attribute, Walter Hoehn, 04/26/2006
- Re: SAML Artifact attribute, Tom Scavo, 04/26/2006
- <Possible follow-up(s)>
- RE: SAML Artifact attribute, johnson.kaniampurath, 04/27/2006
- RE: SAML Artifact attribute, Scott Cantor, 04/27/2006
- RE: SAML Artifact attribute, Scott Cantor, 04/27/2006
- Re: SAML Artifact attribute, Velpi, 04/27/2006
- Re: SAML Artifact attribute, Walter Hoehn, 04/27/2006
- RE: SAML Artifact attribute, Scott Cantor, 04/27/2006
Archive powered by MHonArc 2.6.16.