[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Seeking clarity on the Conformance specification,Table 2
On 6/20/06 7:57 AM, "Costello, Roger L." <costello@mitre.org> wrote: > Hi Folks, > > I am not clear on what is being stated in Table 2 of the Conformance > specification. > > Here is a snippet of Table 2: > > Feature | IdP | SP > --------------------------------------------------------- > Web SSO, <AuthnRequest>, | MUST | MUST > HTTP redirect > > Question: how do I interpret this? Is it saying, > > łTo be SAML 2.0 compliant, an Identity Provider (IdP) and a Service Provider > (SP) MUST implement the Web Browser Single Sign-on (SSO) profile; a SP MUST be > able to issue an Authentication Request (<AuthnRequest>) using the HTTP > redirect mechanism.˛ Yes, basically. Of course, this is sort of meaningless without the other piece, which is the next row of Table 2: Web SSO <Response>, HTTP POST. Together, these two rows mean that the SP must: - issue an AuthnRequest over the HTTP redirect binding - perform all processing steps associated with the <Response> to achieve SSO And an IDP must be able to - consume the AuthnRequest and perform all the required processing steps. - Issue a proper <Response> (or an error) according to the processing rules, to achieve SSO. If you want to see a greatly expanded discussion of the conformance requirements, you could look at the SAML 2.0 Interoperability Testing Procedures (currently at v1 but soon to be updated to v2) at http://www.projectliberty.org/activities/conformance.php second link on the right. ET -- ____________________________________________________ Eric Tiffany | eric@projectliberty.org Interop Tech Lead | +1 413-458-3743 Liberty Alliance | +1 413-627-1778 mobile
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]