OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] I have created a sample SSO scenario; Am I understanding correctly how SAML is to be used?


>
> Case 1: The user's first access is to the Airline's service:
>
> QUESTION: How does the car rental service identify to the airline the
> person for which authentication information is requested?

There's nothing that says the SP has to initiate the browser profile. 
Why not simply push an authentication assertion to the assertion
consumer service when the user clicks on the car rental link at the
IdP?

Hi Tom,

How would the airline service know that the user has clicked on the
link?  The web page that contains the link is in the user's browser;
the airline service has no way of knowing whether or not the user will
follow the link.  /Roger


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]