saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Use of ECP Profile
- From: "Jean-Noel Colin" <jean-noel.colin@oxys.be>
- To: <saml-dev@lists.oasis-open.org>
- Date: Mon, 25 Oct 2004 12:25:10 +0200
Hello,
I'm working on
adapting the ECP profile (SAML 2.0) to our own Identity Management case.
Basically, we have
principals connecting to a local environment, where they authenticate using any
mechanism. From that environment, they are able to invoke remote services; so
the use of ECP seems straightforward
However, I'm
wondering how I could design Service chains, where a user would invoke a remote
service which in turn would invoke another service, building a chain of
arbitrary size.
If I base myself on
the ECP profile, I guess that each service should send its own AuthnRequest to
the IdentityProvider, but as the services may be distributed, I don't think I
could use the Identity Provider Discovery Profile, which requires a common
domain.
So is there a way
for the original request for service to carry information about which IP to use
for all authentication acts?
Best
regards,
Jean-Noel
Colin
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]