OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [Possible Spam] Re: [saml-dev] Any 3 leg profile?

On Wed, Feb 27, 2013 at 9:34 AM, Ben Hanson
<ben.hanson@virginmedia.co.uk> wrote:
> You could like at a rich client use case.  Although in the name its
> for.......Rich Clients.
> Post Redirect is always the preferred option imo.

I found a reference to an "OIOSAML Rich Client to Browser Scenario",
which talks much of what we're doing. The detail that it does is it
sends an unsolicited Response to the SP to facilitate the login.

That had not occurred to me, mostly because I was interested in
getting a session engaged with the IdP. With an unsolicited Response,
that's not necessarily the case.

I was hoping to engage the IdP because in our case it can act as a
central auditing point (the apps audit also, but this gives us another
avenue of audit and control -- for example, an admin can kick users
off the overall system from the IdP if there's a session established).

This is what my little Pooh brain has schemed up, basically.


Thanks Ben.


Will Hartung

CONFIDENTIALITY NOTICE: The information contained in this electronic 
transmission may be confidential. If you are not an intended recipient, be 
aware that any disclosure, copying, distribution or use of the information 
contained in this transmission is prohibited and may be unlawful. If you 
have received this transmission in error, please notify us by email reply 
and then erase it from your computer system.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]