[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [regrep] [RS Issue] Internal Vs. External Users
Matt, OK. So this is over an above the SSO SMP support that Farrukh noted that we have already. I'm trying to understand the use case here a bit better. With the SAML SSO request its clear that a user to trying to authentic using the SAML services. So - we need to boot strap that - what happens the first time a user logs in - and we do not know they have a SSO account yet? Brainstorming here - they go to "create new registry user" - and there they will have the chance to select "Use existing SSO account", etc. I'm trying to see why the registry would need to query for a whole list of users - unless its a help function - to prompt the user to pick an existing account from a list? Obviously that is prone to security violations and brute force password attacks... DW ----- Original Message ----- From: "Matthew MacKenzie" <mattm@adobe.com> To: "David Webber (XML)" <david@drrw.info> Cc: "Farrukh Najmi" <Farrukh.Najmi@Sun.COM>; <regrep@lists.oasis-open.org> Sent: Monday, January 24, 2005 8:31 AM Subject: Re: [regrep] [RS Issue] Internal Vs. External Users > Not exactly David. SAML is not the whole story. How does a SAML > assertion parlay into a list of users when a registry client makes a > request asking for User instances? > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]