[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: new to OpenSAML
> www.abc.com will authenticate the user. If authentication succeeds,
> www.abc.com will create an SAML AuthenticationResponse ( in
> corrrelation to SAML Request sent by www.xyz.com, see document for
> details ) containing SAML Authnetication Assertions.
This is incorrect interpretation. SAML assumes that a user has previously
authenticated against the Authentication Authority. The Authentication Request
is a request for information about this previous event.
SAML1.1 core spec , 3.3.3 Element <AuthenticationQuery>
"The <AuthenticationQuery> element MUST NOT be used as a request for a
new authentication using credentials provided in the request.
<AuthenticationQuery> is a request for statements about authentication
acts that have occurred in a previous interaction between the indicated
subject and the Authentication Authority."
Best,
em
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]