[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] the value of AuthnInstant
It's t1, isn't it? One assertion, issued at time t2, and another, issued at time t4, will both indicate that the user authenticated at time t1 -- assuming that authn session is still good, of course (e.g., re-authn isn't being forced). Eve On Feb 7, 2008, at 4:04 PM, Tom Scavo wrote: > Suppose a user presents an AuthnRequest to an IdP at time t0. Since > the user has no security context initially, the IdP challenges the > user to authenticate, which the user does successfully (at time t1). > So the IdP issues an assertion (at time t2), which the user transmits > to the SP via the browser. > > At some later time t3, the user presents another AuthnRequest to the > IdP. Since the user already has a security context, the IdP does not > challenge the user to authenticate, but rather issues an assertion (at > time t4), which again the user transmits to the SP. > > Question: What is the value of AuthnInstant in the second assertion? > > Thanks, > Tom > > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > Eve Maler +1 425 947 4522 Principal Engineer eve.maler @ sun.com Business Alliances group Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]