[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Informing SP about session invalidated in IDP
On Sat, Jan 18, 2014 at 1:00 AM, Phalguni Mukherjee <phalgunimukherjee1007@gmail.com> wrote: > I was trying to use SAML through SSO,my question is when a session becomes > invalid in IDP, how does IDP notifies this to SP Unlike newer cross-domain SSO solutions (such as OpenID Connect), SAML has no session management built into the spec. Yes, an *implementation* of SAML Web Browser SSO will have to deal with sessions but the *specification* is silent on this point. As a practical matter, session management is handled independently at the IdP and SP (which is why SAML Single Logout doesn't really work). > if I have multiple copy of > SP sitting in geographically distributed region sitting behind a load > balancer,how the message reaches a particular SP as the DNS name for all > will be same. Given the above, I think you can now see that that is irrelevant. Hope this helps, Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]