[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] attributeexchange: where to add the receiver
Hi Chris; > I am working on an attribute exchange of 2 providers about a user. The > "serviceprovider" sends an attributequery to the "identityprovider". > The identityprovider checks, if the serviceprovider is allowed to get the > attributes and sends back an attributestatement. But how does he know where > to send it back, if there is no providerid oder url of the serviceprovider > intended in an attributequery? Assuming that this message exchange is done across the SOAP over HTTP binding of SAML, could you not just respond to the serviceprovider's HTTP request (containing the SAML Request) with an HTTP response (containing the SAML Response)? If that isn't an option, could you associate a SAML consumer URL ( or whatever address scheme fits with your message transport ) with each serviceprovider authenticated identity? In other words, once a serviceprovider authenticates with the identityprovider, the identityprovider queries a database for the appropriate SAML consumer address for that serviceprovider. HTH, jim christopher
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]