shibboleth-dev - RE: [Shib-Dev] idp-initiated SSO

Subject: Shibboleth Developers

List archive

RE: [Shib-Dev] idp-initiated SSO

From: "Scott Cantor" <>
To: <>
Subject: RE: [Shib-Dev] idp-initiated SSO
Date: Tue, 7 Oct 2008 12:33:56 -0400
Organization: The Ohio State University

> That's an interesting question. I don't how you could tell a 3rd-party
> initiated request from an SP-initiated one, at the IdP, unless you
> required signed requests (which we don't).

Well, we don't by default, that's up to the deployer. But the answer is, I
proposed an extension for either unsigned or signed requests that
distinguishes them, and makes it possible to make the mechanics all work
without violating the profile.

Sometimes it takes people a while to figure out why I propose things. ;-)

-- Scott

idp-initiated SSO, yangling_1985, 10/06/2008
- Re: [Shib-Dev] idp-initiated SSO, Chad La Joie, 10/06/2008
- Re: [Shib-Dev] idp-initiated SSO, Nate Klingenstein, 10/06/2008
  - RE: [Shib-Dev] idp-initiated SSO, Jeff.Krug, 10/07/2008
    - Re: [Shib-Dev] idp-initiated SSO, Chad La Joie, 10/07/2008
      - RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Peter Williams, 10/07/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
    - RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
      - RE: [Shib-Dev] idp-initiated SSO, Jeff.Krug, 10/07/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
        
        Message not available
        
        RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Peter Williams, 10/07/2008
        RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/07/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Peter Williams, 10/17/2008
        
        RE: [Shib-Dev] idp-initiated SSO, Scott Cantor, 10/17/2008

List archive

RE: [Shib-Dev] idp-initiated SSO