[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [saml-dev] Question about TARGET
Hi Ignasi, >> >> >>In Browser/POST Profile, the TARGET is trasfered in step 1,2 >>and 3 is for >>checking with samlp:Recipient for Contermeasure MITM Attack >>(4.1.2.7.2), >> This is not correct. The Browser/POST profile Section 4.1.2.7.2 (lines 740-745) requires the destination site to check the "Recipient" attribute of the SAML response against the <assertion consumer host name and path>. >>but >> >>Why is transfered TARGET in step 1,2 and 3 in >>Browser/Artifact Profile of >>SAML ??? >> The TARGET name-value pair is used in a uniform fashion in both profiles. It is always a string (typically a URL) that indicates the object of interest at the destination site. The destination site will usually re-direct the user to this URL after validating the transferred assertion. - prateek >> >> >>---------------------------------------------------------------- >>To subscribe or unsubscribe from this elist use the subscription >>manager: <http://lists.oasis-open.org/ob/adm.pl> >>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC