OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question about transferring data between sites



I’m currently working on a PoC for SSO using SAML 2.0 and I understand how the assertion contains information about the user so that the user can be authenticated by the Service Provider, but I’m trying to figure out the best way to include a fairly large amount of information that needs to be used in the application of the Service Provider.


For example, the destination application needs to receive 1000 characters of comment data that is used after the user is authenticated by the SP.


So, is it appropriate to include this information as part of the assertion or is there a better way to transfer this data? 


Has anyone worked with including the information as part of the initial call when the artifact is passed to the SP?




Chris Sharp


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]