saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] how to verify the sender of a SAML authn request

From: "Cantor, Scott" <cantor.2@osu.edu>
To: Mitu Singh <mitusingh27@yahoo.com>, "saml-dev@lists.oasis-open.org" <saml-dev@lists.oasis-open.org>
Date: Thu, 1 Aug 2013 22:12:49 +0000

On 8/1/13 5:44 PM, "Mitu Singh" <mitusingh27@yahoo.com> wrote:
>
>I have a question regarding the SAML Authentication Request. When an IDP
>receives a SAML authentiocation request, how can they validate the sender
>of the request? The issuer name, provider name,
>AssertionConsumerServiceURL and the signature are all optional.

They aren't optional in the context of specific profiles.

-- Scott

Follow-Ups:
- Re: [saml-dev] how to verify the sender of a SAML authn request
  - From: Mitu Singh <mitusingh27@yahoo.com>

References:
- how to verify the sender of a SAML authn request
  - From: Mitu Singh <mitusingh27@yahoo.com>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]