[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] New high level SSO use cases
> In Scenario 1-1 (SSO with destination site first), I assume > that the user may or may not have been authenticated at the > source site. I.e., once the user is redirected to the source > site, he/she may or may not have to actually authenticate via > permanent credentials. That's true. I copied the basic structure for the SSO diagrams from the original SAML use case document. > If an authenticated session exists > between the user and the source site, then the source site > simply produces the artifact/assertion. If my assumption is > incorrect, perhaps we need to add a new scenario to cover > this flow. If it is correct, it may be worthwhile stating it > explicitly. Certainly, I can clarify it. By Authenticate, I just mean demonstrate proof of identity, which may be via any means, including implicitly based on past acts. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC