[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: SAML browser artifacts - The only way to go?
Prateek et al, The only browser redirect binding SAML seems to provide is through the use of a reference [artifact] that must be pulled from the source site. Why did you not consider the proposal to let a browser POST the entire assertion? This method is BTW the one used by VISA in their coming 3D Secure payment system that we will all be using sooner or later. You gain: - One network round less - Elimination of Source site storage of assertion Try it live if you want: http://buyer.x-obi.com "SAML-inspired" authentication regds Anders R
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC