OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: RE: Quick Question Regarding SAML Article...


The situation you describe fits one of our use cases. Assuming proper implementation and configuration, the use of SAML should allow SSO across security domains managed by distinct products. However, the fact that this works will not be a consequence of the fact that they both use the same LDAP directory, but will result from the fact that they both agree to trust a common Authentication Authority (or set of Authorities).
 
Hal
-----Original Message-----
From: jvester@meritagetech.com [mailto:jvester@meritagetech.com]
Sent: Monday, June 04, 2001 3:54 PM
To: security-services-comment@lists.oasis-open.org
Subject: Quick Question Regarding SAML Article...

Hello Everyone!!!

Originally, I sent a message to Dennis Fisher (eWeek/Ziff Davis) regarding an article he had written on SAML and an issue I've encountered.  He then told me to forward the message to Eve, who asked me to forward this message to you.  Please see the issue below and, if you have time, let me know if you feel that SAML will be a potential resolution to such issues.

Thank you, very much, for all your time!
_______________________________________________
Thanks!
John Vester, Technical Lead/Principal Analyst
Meritage Technologies
11595 Meridian Street, Suite 701
Indianapolis, Indiana 46032
Phone: (317) 706-7800 extension 203
jvester@meritagetech.com

Meritage Technologies (http://www.meritagetech.com) -- Ranked #15 on the 2000
Inc. 500 list of fastest-growing, privately held companies in the U.S.

"...a spirit with vision is a dream, with a mission..."


John Vester
06/04/2001 09:24 AM

To: dennis_fisher@ziffdavis.com
cc:
bcc: John Vester/Ind/Information Engineering
Subject: Quick Question Regarding SAML Article...


Hey Dennis!

I wanted to ask a question about SAML, one that has been tough to locate an answer on - regardless of my search efforts.

The issue I am having is I have Domino as my LDAP server. I use IIS on a portal application, which end-users login to based upon the LDAP information that is stored in Domino. This works great.

However, when the user hits a URL that is on one of the Domino servers (same domain and Domino is using SSO for it's own network), they are prompted to login again. They are authenticated using the same directory (via LDAP), but Domino does not see/understand this and prompts for authentication.

My question is, will SAML actually resolve these issues?

_______________________________________________
Thanks!
John Vester, Technical Lead/Principal Analyst
Meritage Technologies
11595 Meridian Street, Suite 701
Indianapolis, Indiana 46032
Phone: (317) 706-7800 extension 203
jvester@meritagetech.com

Meritage Technologies (http://www.meritagetech.com) -- Ranked #15 on the 2000
Inc. 500 list of fastest-growing, privately held companies in the U.S.

"...a spirit with vision is a dream, with a mission..."



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC