OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [saml-dev] Howdy and a few questions...



I’m new to the list hopefully these won’t be asked and answered. I did a google search and couldn’t find the answers. I’m working on a SSO solution here at UCSD. We have decided to use SAML as part of the overall solution. I’m in the process of implementing an authentication service that will work with all our web based applications and eventually will also work with mainframe and other fatter apps.


My understanding of SAML is that it happens after authentication has already taken place. Using the browser/artifact profile of SAML is it evil to set things up so that when a user is redirected to the Inter-site transfer service that it notices that they have not authenticated and then prompts them to authenticate before returning them back to the destination site?


The target element is used to convey information about the desired target resource. How do we differentiate between a target resource and the actual url that the users browser is requesting? Should these things be the same all the time?


What should be the response when a user has not authenticated or can not authenticate?


Is there  a place that holds a set of example SAML dialogs running through the standard use cases that I can use to verify my understanding of the general workings of things?




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC