[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] New Provision Profile for NSN/Oracle Attribute Mgmt Discussion
> 6. Based on SLA, the SP issues a SSO Provisioning request by issuing > an IDP initiated request (unsolicited response). The response contains > an attribute "RelayState" set to some value meaningful to the > TargetIDP. In this case, RelayState might be set to "Provision" or > "AddSubject". Question: Should relayState value be profiled in the > standard? Personally, I would use an Extension to the Response if you're trying to profile some additional communication to the TargetIdP. Perhaps an extension that signals the provisioning operation and a location to respond back to, or even an actual AuthnRequest tunneled inside the Response if something that rich were required, to avoid the extra round trip. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]