Shibboleth Developers

[Kobe <>]

I am trying to extend an ECP client implementation written by Jonathan Teller
(http://shibboleth.1660669.n2.nabble.com/Basic-auth-authentication-using-IdP-td6156219.html).

a) I read through the ECP profile in the SAMl2 profiles document and do not
understand how
to authenticate the principal with the IdP. My ECP client is a front for web
services that send
the credentials in basic auth headers. These services are not capable of
dealing with 
a pfresentation based authentication mechanism. Hence the need for ECP. The
ECP client 
would obtain the AuthnRequest from the SP and needs to send it to the IdP
for
authentication.

What I do not understand from the lines 814-818, lines 876-886 and lines
1089-1094
is how do I convey the credentials from the basic auth headers to the IdP as
a part 
of the ECP-IdP dispatch of the SP-issued AuthnResponse. 

b) Once the ECP client obtains the assertion from the IdP and the ECP client
has identified the
assertion consumer URL from SP's original message (lines 1052-1056), with
what protocol
(HTTP-GET or PUT) do I convey the
assertion to the SP and obtain the SP-specific session token? 

Any explanations greatly appreciated...

/K

--
View this message in context: 
http://shibboleth.1660669.n2.nabble.com/ECP-IdP-interaction-tp6179090p6179090.html
Sent from the Shibboleth - Developers mailing list archive at Nabble.com.