[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [Possible Spam] Re: [saml-dev] Any 3 leg profile?
On Wed, Feb 27, 2013 at 9:34 AM, Ben Hanson <ben.hanson@virginmedia.co.uk> wrote: > You could like at a rich client use case. Although in the name its > for.......Rich Clients. > > Post Redirect is always the preferred option imo. I found a reference to an "OIOSAML Rich Client to Browser Scenario", which talks much of what we're doing. The detail that it does is it sends an unsolicited Response to the SP to facilitate the login. That had not occurred to me, mostly because I was interested in getting a session engaged with the IdP. With an unsolicited Response, that's not necessarily the case. I was hoping to engage the IdP because in our case it can act as a central auditing point (the apps audit also, but this gives us another avenue of audit and control -- for example, an admin can kick users off the overall system from the IdP if there's a session established). This is what my little Pooh brain has schemed up, basically. http://d.pr/i/xL5h Thanks Ben. Regards, Will Hartung (willh@mirthcorp.com) -- CONFIDENTIALITY NOTICE: The information contained in this electronic transmission may be confidential. If you are not an intended recipient, be aware that any disclosure, copying, distribution or use of the information contained in this transmission is prohibited and may be unlawful. If you have received this transmission in error, please notify us by email reply and then erase it from your computer system.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]