Subject: RE: [saml-dev] I have created a sample SSO scenario; Am I understanding correctly how SAML is to be used?


> Of course the problem with this (and nearly all SP-first 
> scenarios) is IdP discovery.  How does the SP know the 
> principal's preferred IdP? 

That's an issue whether or not one knows who the user is.  But of
course, there are many different solutions to discovery and it 
probably has the largest impact on the first access to the SP.

> Most likely the car rental service has numerous such business 
> relationships and won't know a priori which one to invoke.  If 
> the discovery process can be avoided, which seems to be the 
> case here, by all means do so.

I think that in this situation it will be an even split between
the pluses and minuses (or should that be mini :-)).  If the 
car rental company is only worried about people coming from the
airlines, then it won't matter to them and unsolicited authn response
is fine.  However, if they want to encourage direct access, even
for users who use the airline as an IdP, they would probably want
to support the full authnrequest model.


