[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] multiple SingleLogoutService elements with identical Binding
On 10/7/13 9:43 AM, "Tom Scavo" <trscavo@gmail.com> wrote: >On Mon, Oct 7, 2013 at 9:40 AM, Cantor, Scott <cantor.2@osu.edu> wrote: >> >> Logout, like a lot of the spec, was geared to the federation gateway use >> case and not the "resource-adjacent" approach that Shibboleth uses to >> unify enterprise and federated SSO. > >Scott, can you explain what you mean by "resource-adjacent"? SAML endpoints with vhosts that match those of actual resources, and by extension needing endpoints for every vhost on which one hosts resources. The "scaling" issues with this in terms of endpoint proliferation arise because of the goal of supporting the protocol natively without supplementing it with a proprietary SSO protocol between a federation gateway and the actual SSO agent. In Shibboleth the "agent" speaks SAML, unlike virtually all other enterprise-class solutions. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]