[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML 2.0 & Authentication mechanism [service]
> My concern/question is that SAML 2.0 does not talk about how > authentication should be done using standard protocol > messages (something like that of ID-WSF Authentication > Service SASL messages). Correct, but this is a good thing. > Authentication > ECP <--------------------------> IDP > > Messages for the above step are problems for me. I know I can > use Authentication service for this as defined in ID-WSF > (SASL) but somehow not feeling comfortable mixing > specifications in implementation. You're already mixing plenty of specs (TLS, HTTP, etc). SAML doesn't need to define authentication protocols other than those using SAML as an authentication protocol (which is what the SSO profile is). If the SASL over SOAP approach seems good for your use case, I'd use it. OTOH, if sending a password over TLS with basic-auth is good enough and you don't need the flexibility SASL has, I'd probably use that, since it's easier. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]