[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services] New high level SSO use cases
Scott, Good document, but I have a question/comment. Is the user deciding where the source site is which (s)he needs to authenticate against ? I assume not, since the document states in all scenarios " Destination site redirects the user to a source site". If that's the case the picture for Use case 1: between lines 64 and 65 should show somehow that its a redirection and not self initiated call to authenticate to source site, same for all the other UML flows, unless I have not understood the flow correctly. Thanks Bhavna >Date: Thu, 30 Jan 2003 20:46:52 -0500 >From: Scott Cantor <cantor.2@osu.edu> >Subject: [security-services] New high level SSO use cases >To: SAML <security-services@lists.oasis-open.org> >MIME-version: 1.0 >X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 >Importance: Normal >X-Priority: 3 (Normal) >X-MSMail-priority: Normal >List-Owner: <mailto:security-services-help@lists.oasis-open.org> >List-Post: <mailto:security-services@lists.oasis-open.org> >List-Subscribe: <http://lists.oasis-open.org/ob/adm.pl>, <mailto:security-services-request@lists.oasis-open.org?body=subscribe> >List-Unsubscribe: <http://lists.oasis-open.org/ob/adm.pl>, <mailto:security-services-request@lists.oasis-open.org?body=unsubscribe> >List-Archive: <http://lists.oasis-open.org/archives/security-services/> >List-Help: <http://lists.oasis-open.org/elists/admin.shtml>, <mailto:security-services-request@lists.oasis-open.org?body=help> >List-Id: <security-services.lists.oasis-open.org> >Original-recipient: rfc822;bhavna.bhatnagar@sun.com > >And I do mean high level. > >I think I captured the primary one Jahan and Prateek (among others) were discussing (which is more or less what Shibboleth has, >roughly speaking). > >I then included a pair of scenarios that in my mind capture most of my "fancy" requirements at a non-technical level; that is, >having the ability to pass context information (of whatever sort) from destination to source to affect the SSO process. > >This would presumably be, in Bob Morgan's words, "a structured, extensible format", and is obviously ground plowed by Liberty phase >1. > >Anyway, I included a few names as additional contributors on this individual submission, but please let me know if you violently >object to something and want your name taken off. ;-) > >-- Scott ________________________________________________________________________ Bhavna Bhatnagar Sun Microsystems Inc. Identity Management group __o Tel: 408-276-3591 _`\<,_ (*)/ (*) ________________________________________________________________________
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC