OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Query regarding SAML 2.0 WEB SSO profile <AuthnRequest>

Hi all,
I am a new to SAML 2.0. I want to use SAML artifact authentication in my environment. I am going through SAML 2.0 WEB SSO profile and got stuck at a point.
In web SSO profile, in the 3rd communication from Service Provider to Identity Provider via User Agent, it is mentioned that the Service Provider issues an <AuthnRequest> message to be delivered by the user agent to the identity provider. And also mentioned that HTTP Redirect, HTTP POST or HTTP Artifact binding can be used to transfer the message to identity provider through User Agent.
But the HTTP Artifact binding uses <ArtifactResolve> (Artifact Resolution Protocol) and not <AuthnRequest> (Authentication Request Protocol). Even the <ArtifactResolve> is not derived form <AuthnRequest>. Since HTTP Artifact binding can only produce <ArtifactResolve> message, how this binding will work for WEB - SSO profile?
Please correct me if I misunderstood anything.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]