Subject: Re: [saml-dev] Sessions and SSO.
Conor P. Cahill wrote: > I think we're deep into the nuances of the interpretation of English > here (a bad place to be in many cases), but I think it isn't as clear > cut as a yes/no answer. > > First in discussing SSO, one could argue that authenticating at > one party (the IdP) and using that authentication at another party > (the SP) is SSO, even if you have to perform the authentication > steps every time an SP requests an assertion. You're right (and in the later comments). I have in the past even defined a web SSO protocol's function as the creation of a session on one vhost based on a session on another, which is even more generic. I actually do prefer the term "HTTP authentication profile" to SSO profile, though. Just wasn't practical to change it. -- Scott