[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] I have created a sample SSO scenario; Am I understanding correctly how SAML is to be used?
> > How would the airline service know that the user has clicked > on the link? The web page that contains the link is in the > user's browser; the airline service has no way of knowing > whether or not the user will follow the link. /Roger Not that I think this is necessary for the solution (I sent that answer separately), but the push model for SAML does work pretty easily. In this case, I would have the link go back to a redirector link at the Airline which would perform an unsolicited authn response to the car rental agency. This model is used in several B2B Liberty Id-FF implementations to push out an enterprise identity to a remote partner. That said, I still think this model is unnecessary in the typical case as the SP simply asks the IdP "who is this guy" when the "guy" controlling the browser goes to the SP's protected resource/URL/whatever. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]