[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Informing SP about session invalidated in IDP
Please keep replies to the list. * Phalguni Mukherjee <phalgunimukherjee1007@gmail.com> [2014-01-29 14:25]: > On Wed, Jan 29, 2014 at 6:44 PM, Peter Schober wrote: > > * Phalguni Mukherjee <phalgunimukherjee1007@gmail.com> [2014-01-29 13:59]: > > > I have implemented security for my application with SAML and it > > > works fine. But I have a special scenario in which if the user > > > tries to access my service from a particular machine(IP), the > > > user should not be sent for authentication but should be given > > > direct access to the application.Can someone help me out if its > > > possible in SAML? In other words, something like granting a life > > > time certificate for the application to that machine. > > > > I'd just sidestep the use of SAML for requests from that IP range. > > can you explain me how it is possible? The "don't initiate/require SAML authentication from this IP range" by definition has nothing to do with SAML, but everything with your web application. I don't know what you expect here. In httpd 2.2.x configuration terms someting along the lines of Allow from 192.168.0. Satisfy Any -peter
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]