Re: [saml-dev] Saml idp in java servlet filter?

[Morgan Packard <hellomorganpackard@gmail.com>]

Thanks tom,
In this case, what does my "application's security domain" mean? The  
built-in security/authentication components of the app server?
-Morgan

Sent from my iPhone

On Dec 28, 2008, at 3:03 PM, "Tom Scavo" <trscavo@gmail.com> wrote:

> On Sun, Dec 28, 2008 at 1:32 PM, Morgan Packard
> <hellomorganpackard@gmail.com> wrote:
>> Ok. I'm _finally_ starting to get it:) thanks!
>
> Now that SAML web browser SSO is making more sense, you might want to
> consider the following deployment scenario.  To remove the
> authentication step from your application, it's often easiest to
> deploy an IdP in the application's security domain, and then offload
> the authentication step to the IdP.  Once that's done, your
> application is ready for cross-domain web browser SSO.
>
> Tom