[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SLO IDP generated bindings.
Hi thanks you are right I'll re-frase.
Case where IDP decide to terminate session (expires or even admin intervention).
From what I understood unless there some sort of Browser polling technique, SOAP is then the only recommended option?
Thanks.
giuseppe.
-----Original Message-----
From: Scott Cantor [mailto:cantor.2@osu.edu]
Sent: Fri 01/12/2006 00:53
To: Sarno, Giuseppe (MOP:GM15); saml-dev@lists.oasis-open.org
Subject: RE: [saml-dev] SLO IDP generated bindings.
> I was thinking about the case the IDP decides to terminate a
> session (Session expires, others.)
> It should issue a SLO req to the SP/SPs involved.
> Now in this case the User Agent is not involved at all so I'm
> assuming the only possible binding to be used (and coverd by
> the spec) is any synch binding (so far only SOAP is supported).
> Is that correct ?
The browser is involved if the user initiates the logout, or if a window is
maintained somehow with some kind of polling or something.
IdP-initiated doesn't mean "user not involved", that's an orthogonal
consideration.
> Could HTTP Post be used in this case anyhow ?
HTTP POST is a browser-mediated binding, but it is implementation-dependent
whether a server can tell the difference. It should never be used in place
of SOAP, and there's really nothing to be gained from doing that.
-- Scott
Hi
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]