[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] SLO Profile Question
On 10/11/11 1:00 PM, "Paul Hethmon" <paul.hethmon@clareitysecurity.com> wrote: >In the SAML Profiles spec document, section 4.4.2, there is a figure 3 >showing the flow during a SLO sequence. My question is whether the final >LogoutResponse to the initiating service provider should actually >redirect the user's browser (using front channel) > back to the initiating service provider? Message sequence diagrams are about messages only. They have no normative implications for UI. If the binding is Redirect, then there's a redirect, but that has no prescriptive requirement for whether it's a frame doing the redirect or not. SAML only addresses what's on the wire. Whenever it tries to do more, it's usually a mistake, and ends up causing more problems than it solves. The attempts to mandate error handling are a good example. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]