OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [saml-dev] Question: SSO and ECP profiles sharing the same URL.




Conor P. Cahill wrote on 1/4/2005, 8:45 AM:



Dave Tessman wrote on 1/4/2005, 12:05 AM:
If I have a SAML 2.0 protected resource located at a particular URL, how does a Service Provider know that the requestor of the resource is using the Web SSO Binding or the ECP Binding?  Must they be at separate URLs or is there some mechanism (HTTP header values?) such that an ECP can let the Service Provider know that it is more than a browser?
Just a nit, but there's no such thing as a "SAML 2.0 protected resource"  there are protected resources and there are SAML 2.0 profiles that are used to identify the requestor and determine if they can have access to the resource.
and to nit my own nit... the end should be "identify the requestor (which enables the SP to determine if the requestor has access to the resource)".

Conor



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]