OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [security-services] Web SSO <AuthnRequest> conformance


> Using HTTP Post is not best alternative, as the IDP site is 
> typically a "protected" site that may require the user to provide their 
> credentials. If HTTP Post is used, the caching of the <AuthnRequest> at
> the IDP site (while the user authenticates) adds additional work/overhead.

> Versus using HTTP Artifact.

Umm, won't work. ;-)

You can't authenticate the user until after you see the AuthnRequest. There
are too many flags in there controlling how authentication happens to
possibly do it ahead of time.

-- Scott



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]