[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [saml-dev] SAML Interoperability Demo and the 5 URLs
Jahan, Yes, you are right. My oversight. Thanks Bhavna >Date: Fri, 17 May 2002 12:02:37 -0700 >From: Jahan Moreh <jmoreh@sigaba.com> >Subject: RE: [saml-dev] SAML Interoperability Demo and the 5 URLs >To: "'Bhavna Bhatnagar'" <bhavna.bhatnagar@sun.com>, pmishra@netegrity.com, Irving.Reid@baltimore.com >Cc: saml-dev@lists.oasis-open.org >MIME-version: 1.0 >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 >Content-transfer-encoding: 7BIT >Importance: Normal >X-Priority: 3 (Normal) >X-MSMail-priority: Normal >List-Owner: <mailto:saml-dev-help@lists.oasis-open.org> >List-Post: <mailto:saml-dev@lists.oasis-open.org> >List-Subscribe: <http://lists.oasis-open.org/ob/adm.pl>, <mailto:saml-dev-request@lists.oasis-open.org?body=subscribe> >List-Unsubscribe: <http://lists.oasis-open.org/ob/adm.pl>, <mailto:saml-dev-request@lists.oasis-open.org?body=unsubscribe> >List-Archive: <http://lists.oasis-open.org/archives/saml-dev/> >List-Help: <http://lists.oasis-open.org/elists/admin.shtml>, <mailto:saml-dev-request@lists.oasis-open.org?body=help> >List-Id: <saml-dev.lists.oasis-open.org> > >Bhavna - >>Since there is a need to run inter site URL and art receiver url on >> different protocols one http the other https, I was thinking >> along having 2 ports open one http and the other https. >According to Prateek's spec., which follows B/A profile, the following >MUST use SSL: >1. Intersite Transfer URL: This is the place where the user sends >authentication credentials and receives the artifact. >2. Artifact Receiver: this is the place where the user sends the >artifact. > >Therefore, intersite transfer URL and art reciever url must use HTTP >over SSL. We can only use HTTP for the portal URL and assertion consumer >application > >--------------------------- >Jahan Moreh >Chief Security Architect >tel: 310.286.3070 >fax: 310.286.3076 > > >> -----Original Message----- >> From: Bhavna Bhatnagar [mailto:bhavna.bhatnagar@sun.com] >> Sent: Friday, May 17, 2002 8:30 AM >> To: pmishra@netegrity.com; Irving.Reid@baltimore.com >> Cc: saml-dev@lists.oasis-open.org >> Subject: RE: [saml-dev] SAML Interoperability Demo and the 5 URLs >> >> >> Irving, >> In our case we have the same scenario. In fact our inter site >> URL and art receiver url are the same. SOAP Responder is >> different and they all have their own path component. Since >> there is a need to run inter site URL and art receiver url on >> different protocols one http the other https, I was thinking >> along having 2 ports open one http and the other https. Not >> sure I understand why you cannot have different port numbers >> in your case though... >> >> Bhavna >> >> >Content-return: allowed >> >Date: Thu, 16 May 2002 22:47:32 -0400 >> >From: Irving Reid <Irving.Reid@baltimore.com> >> >Subject: RE: [saml-dev] SAML Interoperability Demo and the 5 URLs >> >To: "'Mishra, Prateek'" <pmishra@netegrity.com> >> >Cc: saml-dev@lists.oasis-open.org >> >MIME-version: 1.0 >> >List-Owner: <mailto:saml-dev-help@lists.oasis-open.org> >> >List-Post: <mailto:saml-dev@lists.oasis-open.org> >> >List-Subscribe: <http://lists.oasis-open.org/ob/adm.pl>, >> <mailto:saml-dev-request@lists.oasis-open.org?body=subscribe> >> >List-Unsubscribe: <http://lists.oasis-open.org/ob/adm.pl>, >> <mailto:saml-dev-request@lists.oasis-open.org?body=unsubscribe> >> >List-Archive: <http://lists.oasis-open.org/archives/saml-dev/> >> >List-Help: <http://lists.oasis-open.org/elists/admin.shtml>, >> <mailto:saml-dev-request@lists.oasis-open.org?body=help> >> >List-Id: <saml-dev.lists.oasis-open.org> >> > >> >>>1. http://portal.<dns_suffix> >> >>>2. https://inter-site-transfer.<dns_suffix> >> >>>3. https://receiver.<dns_suffix> >> >>>4. https://responder.<dns_suffix> >> >>>5. http://application.<dns_suffix>/application >> > >> >I forgot to mention this when I brought up port numbers. Our >> >inter-site-transfer, receiver, and responder URLs have a path >> >component, because they're all actually served by the same HTTP/SOAP >> >server process. In a normal SelectAccess configuration, URLs >> 2, 3, and >> >4 look like: >> > >> >Inter-site transfer: >> >https://xxx.baltimore.com:9985/saml_out >> > >> >Receiver: >> >https://xxx.baltimore.com:9985/saml_in >> > >> >Responder: >> >https://xxx.baltimore.com:9985/saml_responder >> > >> >We can change the port number easily (as long as they're all >> the same) >> >and play DNS games to point all the names at the same actual >> host, but >> >we can't change the path. >> > >> > - irving - >> > >> > >> >------------------------------------------------------------- >> ---------- >> >-------- >> ---------------------------------- >> >The information contained in this message is confidential and is >> >intended for the addressee(s) only. If you have received >> this message >> >in error or there are any problems please notify the originator >> >immediately. The unauthorised use, disclosure, copying or >> alteration >> >of this message is strictly forbidden. Baltimore >> Technologies plc will >> >not be liable for direct, special, indirect or consequential damages >> >arising from alteration of >> the >> >contents of this message by a third party or as a result of >> any virus >> >being >> >passed on. >> > >> >This footnote confirms that this email message has been swept for >> >Content >> Security threats, including >> >computer viruses. >> > >> >http://www.baltimore.com >> > >> > >> >This footnote confirms that this email message has been swept by >> >Baltimore MIMEsweeper for Content Security threats, including >> >computer viruses. >> > >> >---------------------------------------------------------------- >> >To subscribe or unsubscribe from this elist use the subscription >> >manager: <http://lists.oasis-open.org/ob/adm.pl> >> >> ______________________________________________________________ >> __________ >> Bhavna Bhatnagar Sun >> Microsystems Inc. >> Identity Management group __o >> Tel: 408-276-3591 _`\<,_ >> (*)/ (*) >> ______________________________________________________________ >> __________ >> >> >> >> >> ---------------------------------------------------------------- >> To subscribe or unsubscribe from this elist use the subscription >> manager: <http://lists.oasis-open.org/ob/adm.pl> >> > > >---------------------------------------------------------------- >To subscribe or unsubscribe from this elist use the subscription >manager: <http://lists.oasis-open.org/ob/adm.pl> ________________________________________________________________________ Bhavna Bhatnagar Sun Microsystems Inc. Identity Management group __o Tel: 408-276-3591 _`\<,_ (*)/ (*) ________________________________________________________________________
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC