OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Saml idp in java servlet filter?

On Sun, Dec 28, 2008 at 1:17 PM, morgan packard
<hellomorganpackard@gmail.com> wrote:
> Is it typical for a SAML 2.0 idp to be a dedicated application? Or is it
> possible/common to add SAML 2.0 idp capabilities to an existing application?

An identity provider produces identity whereas an application consumes
identity.  Thus the application is more closely tied to the service
provider, not the identity provider.

> For example, I have a classified ads site, with its own user authentication
> system. I was planning on adding SAML idp capabilities to this application.
> Does this make sense, or would it be more typical to remove the
> authentication capabilities from my classifieds site and run a third app
> whose sole purpose is authentication?

You've hit the nail right on the head :-) That is the end result of
federated identity.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]