[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: SAML 2.0 & Authentication mechanism [service]
SAML 2.0 defines a ECP profile which is an
extension to LECP of ID-FF because ECP talks about PAOS Binding (taken from
ID-WSF specification) in the profile and thus
makes the specification of this profile more
complete & concrete.
My concern/question is that SAML 2.0 does not
talk about how authentication should be done
using standard protocol messages (something like that of ID-WSF Authentication
Service SASL messages).
For eg. in ECP profile.
ECP ---> SP [ Send HTTP Request ]
SP ---> ECP [Send AuthnRequest using PAOS
binding]
Authentication
ECP
<--------------------------> IDP
Messages for the above step are problems for me. I
know I can use Authentication service for this as defined in ID-WSF
(SASL) but somehow not feeling comfortable mixing specifications in
implementation.
Plase advise me for this concern of
mine.
Kapil Sachdeva
http://www.dotnetcard.com/blogs/ksachdeva |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]