[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: L.Beekmann@intershop.com Name: Lars Beekmann Title: Diplomand Organization: Intershop Regarding Specification: SAML 2.0 Hi @ all, could anyone tell me, what where the reasons that in the SAML Use-Cases e.g. Browser/Artifact SSO profile there is no direct communication between SP and IdP when the <AuthRequest> / <AuthResponse> are sent. The point of my question is, that IdP and SP know each others SAML-SOAP-Endpoints so why do they need to communicate by sending artifacts via e.g. HTTP Redirect instead of directly sending SAOP messages to each other? Are there security reasons? Thanks for your help! Lars Beekmann
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]