shibboleth-dev - RE: [Shib-Dev] yet another java SP implementation....

Subject: Shibboleth Developers

  • From: "Cantor, Scott E." <>
  • To: "" <>
  • Subject: RE: [Shib-Dev] yet another java SP implementation....
  • Date: Mon, 3 Jan 2011 19:19:32 +0000
  • Accept-language: en-US

> > 2) Are there additional checks that the project would recommend that
> > they implement ?
>
> All the checks the Shibboleth SP does.

In particular, they need to read SAML core on assertion "validity" and
implement all the core and profile-specific checks that are needed to ensure
that. That means all conditions, rejecting unknown conditions, and evaluating
subject confirmation in accordance with the profile.

> There is no such thing as an IdP-first web browser profile, so no, the IdP
> doesn't support it. You'll have to create a mock authn request and send it
> to the IdP.

I guess more precisely, there is such a profile, but it contains an
undefined step 1 (same one that was undefined in SAML 1.1, how you trigger
it). We have no such support because we're (or at least I'm) reluctant to
commit to defining such a step.

-- Scott
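
As an added example (not code from this thread or from the Shibboleth project), the following Python function applies the checks named in the message above to a SAML 2.0 assertion: every condition is evaluated, an unknown condition causes rejection, and bearer subject confirmation is checked as the Web Browser SSO profile requires. It assumes SAML 2.0, that the XML signature and issuer trust have already been verified, and that `now` is a timezone-aware UTC datetime; `check_assertion`, the `sp.example.org` URLs and the `GeoFence` extension condition are hypothetical names.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = "{urn:oasis:names:tc:SAML:2.0:assertion}"
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
# Constructed sample; the hypothetical extension condition must cause rejection.
SAMPLE = """<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1">
 <Subject><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
  <SubjectConfirmationData Recipient="https://sp.example.org/acs"
    InResponseTo="_req1" NotOnOrAfter="2011-01-03T19:24:32Z"/>
 </SubjectConfirmation></Subject>
 <Conditions NotBefore="2011-01-03T19:19:00Z" NotOnOrAfter="2011-01-03T19:24:32Z">
  <AudienceRestriction><Audience>https://sp.example.org/sp</Audience></AudienceRestriction>
  <x:GeoFence xmlns:x="urn:example:ext"/>
 </Conditions></Assertion>"""

def _ts(v):  # SAML instants are UTC xs:dateTime, e.g. 2011-01-03T19:19:32Z
    return datetime.fromisoformat(v.replace("Z", "+00:00"))

def check_assertion(xml_text, now, sp_entity_id, acs_url, request_id, seen_ids):
    """Return a list of failures; empty means these checks passed."""
    a, errs = ET.fromstring(xml_text), []
    cond = a.find(NS + "Conditions")
    if cond is None or cond.find(NS + "AudienceRestriction") is None:
        return ["no AudienceRestriction"]  # required for SSO assertions
    if "NotBefore" in cond.attrib and now < _ts(cond.get("NotBefore")):
        errs.append("not yet valid")
    if "NotOnOrAfter" in cond.attrib and now >= _ts(cond.get("NotOnOrAfter")):
        errs.append("expired")
    for c in cond:
        if c.tag == NS + "AudienceRestriction":
            if sp_entity_id not in [x.text for x in c.findall(NS + "Audience")]:
                errs.append("audience mismatch")
        elif c.tag == NS + "OneTimeUse":
            if a.get("ID") in seen_ids:
                errs.append("replayed assertion")
            seen_ids.add(a.get("ID"))
        elif c.tag != NS + "ProxyRestriction":  # only limits re-issuing proxies
            errs.append("unknown condition: " + c.tag)
    for sc in a.findall(NS + "Subject/" + NS + "SubjectConfirmation"):
        d = sc.find(NS + "SubjectConfirmationData")
        if (sc.get("Method") == BEARER and d is not None
                and d.get("Recipient") == acs_url and "NotBefore" not in d.attrib
                and "NotOnOrAfter" in d.attrib and now < _ts(d.get("NotOnOrAfter"))
                and d.get("InResponseTo") == request_id):
            return errs  # one acceptable bearer confirmation is enough
    return errs + ["no acceptable bearer SubjectConfirmation"]
```

For an unsolicited response, pass `request_id=None` so that an assertion carrying any `InResponseTo` value is refused.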



