Subject: Re: [saml-dev] returning multiple IdP entityIDs to the SP
On 8/17/12 8:11 PM, "Tom Scavo" <trscavo@gmail.com> wrote:

>In section 2.4 of the "Identity Provider Discovery Service Protocol
>and Profile," it says "The discovery service interacts with the
>principal via the user agent to establish one or more suitable
>identity providers" and "The discovery service redirects the user
>agent back to the service provider with the selected
>identity provider(s)," which suggests that multiple IdP entityIDs may
>be discovered.

I think that's because I didn't want to preclude having extensions to the "policy" bit that would permit more than one.

>which also suggests that multiple IdP entityIDs may be stored. In
>section 2.4.3, however, it suggests that the value of the entityID
>parameter is a single IdP entityID. Is this true? Is the intent of the
>protocol/profile to return a single IdP entityID to the SP? If so,
>why?

Because in all existing scenarios, that's the only useful outcome, so the "default" policy behavior was specified to match that outcome.

-- Scott