[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] AuthnQuery on Synchronous Bindings
Celsus, at a high level, AuthnQuery is a query about an authentication that has taken place already. What you are describing below is an authentication request which is supported by AuthnRequest over a front-channel (async) binding.
WSS could be used to do a back-channel (sync) binding. I don't believe there is any way in Saml to do an authentication request using a sync binding.
Tom.
-----Original Message-----
From: Celsus Kintanar [mailto:celedor@gmail.com]
Sent: Thursday, June 09, 2005 8:28 AM
To: saml-dev@lists.oasis-open.org
Subject: [saml-dev] AuthnQuery on Synchronous Bindings
Hello,
I have been studying the SAML 2.0 for quite some time, and cannot see the applicability of the AuthnQuery over a synchronous binding. For SSO, the SP tells the client to authenticate at the IdP, then come back with the needed assertions. If specific information is needed that the client must not hold, then the Artifacts are available.
Having the SP gather the credentials from the client and going directly to the SP seems to complicate things (furthermore, I cannot see how the credentials can be placed into the AuthnQuery).
I guess what this means is that the AuthnQuery profile is not meant for SSO. Could someone please enlighten me as to what it is for, and how it may be used?
Thanks,
Celsus
---------------------------------------------------------------------
To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]