[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Identity Federation
Hello, i’ve read the Identity Federation
specification on http://www.oasis-open.org/committees/download.php/22553/sstc-saml-tech-overview-2%200-draft-13.pdf -> 2.3 Identity Federation Use Case) but I have some
questions about the flow.. could you help me ? Is it like this: IdP -> User “john”
logs in SP -> User “jpf”
logs in SP -> Asks “jpf”
to consent identity with IdP SP -> “jpf”
replies yes and is redirected to the IdP IdP -> Creates
a new pseudonym for “john” (how?) (for example, pseudonym is ABC) IdP -> stores
the information that “john” is also “ABC” IdP -> redirects
user to SP and sends an SAML <Assertion> with the pseudonym “ABC” SP -> receives
the <Assertion> and extracts the pseudonym SP -> stores
the information that “jpf” is also “ABC” Is this right? If not, how should it be
done? Thank you Filipa
Moura |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]