OASIS Mailing List Archives

security-use message


Subject: Shibboleth Use Case Supported?


In Shibboleth it *seems* that the request order is like the following:

1. A client tries to access a protected resource at a remote site
2. An associated auth-service asks the client to identify its "home" domain
3. The auth-service signs a message indicating what kind of authorization/authentication it wants and through a redirect that is sent back to the home domain
4. The home domain authority creates a suitable signed credential for the client, who through another redirect hands it over to the protected resource

In the S2ML draft I see no support for this and AuthXML lacks descriptions on this level
so I can't really tell.

Nevertheless, this is a *VERY* important scenario that should be a part of the use cases.

Bob, do you anticipate that Shibboleth docs will be available throughout the dev. process?
Will you notify us when there are updates?

Regarding descriptions of complex protocols such as above, I think that the method used by the SET designers
is much better than in any of the documents mentioned as a reference for this work.

Horizontal => Entities
Vertical => Time-line and protocol steps with lines between entities involved

Anders
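
The four-step request order described in the message above, sketched as an added example that is not part of the original post and is not Shibboleth, S2ML or AuthXML code. All names, URLs and message fields are hypothetical, and HMAC with constructed demo keys stands in for the public-key signatures a real deployment would use.

```python
import base64, hashlib, hmac, json
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed demo keys (assumption). HMAC is a stand-in for real signatures,
# so each verifier here shares the signer's key.
KEYS = {"auth-service": b"demo-key-remote", "home-domain": b"demo-key-home"}

def sign(signer, payload):
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
    mac = hmac.new(KEYS[signer], body.encode(), hashlib.sha256).hexdigest()
    return body + "." + mac

def verify(signer, token):
    body, _, mac = token.rpartition(".")
    expected = hmac.new(KEYS[signer], body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature from " + signer)
    return json.loads(base64.urlsafe_b64decode(body))

def redirect(base, token):
    return base + "?" + urlencode({"msg": token})

def token_from(url):
    return parse_qs(urlparse(url).query)["msg"][0]

def auth_service_request(resource, home_url):
    # Steps 2-3: the client named its home domain; sign what is wanted, redirect there.
    req = {"wants": "authentication", "resource": resource}
    return redirect(home_url, sign("auth-service", req))

def home_domain_respond(url, user):
    # Step 4: check the signed request, then issue a signed credential for the client.
    req = verify("auth-service", token_from(url))
    cred = {"subject": user, "resource": req["resource"], "issuer": "home-domain"}
    return redirect(req["resource"], sign("home-domain", cred))

def resource_accept(url, resource):
    # The protected resource checks the signature and that the credential is for it.
    cred = verify("home-domain", token_from(url))
    if cred["resource"] != resource:
        raise ValueError("credential issued for a different resource")
    return cred["subject"]

def run_flow():
    resource = "https://remote.example/protected"  # step 1: client asks for this
    step3 = auth_service_request(resource, "https://home.example/auth")
    step4 = home_domain_respond(step3, "alice")
    return resource_accept(step4, resource)
```
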



