[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] I have created a sample SSO scenario; Am I understanding correctly how SAML is to be used?
1. The Airline Pushes an Unsolicited SAML Authentication Response to the Car Rental AgencyIn this approach the user makes his way to the car rental service via an indirect route. Clicking on the link doesn't take him to the car rental service; instead, it takes him back to the airline service. Here's the link's URL:Note the query parameter (the param=value pair after the question mark).The airline service is activated and constructs an Authentication Response XML document. It then does an HTTP redirect (using the value of the TARGET query parameter), redirecting the user to the car rental service, and attaches the Authentication Response XML document as the payload of the HTTP redirect.QUESTION: When doing an HTTP redirect, can you add a payload? I thought a redirect was just altering an HTTP GET URL to a different URL? Is it really an HTTP redirect that occurs? I am fuzzy on what happens between the time the user clicks on the link, to the time he arrives at the car rental agencies' service.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]