OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question about AuthnRequest and ACS URL


I have a general question about AuthnRequest. In the request there is a field called AssertionConsumerServiceURL. I am just wondering what is this URL used for?

1. What is IdP supposed to do when it decrypt the request and find this value? Should IdP compare the value with the one in the sp metadata file? Or what?
2. On IdP side, should IdP redirect to the ACS URL in the AuthnRequest, or the ACS URL in the metadata file of this SP?
3. If the ACS URL in the request is different from the one in the metadata file, should IdP return error?

Or maybe this behavior is not defined in SAML? It depends on individual IdP's implementation? So the best an SP to do is to send the same ACS URL in the AuthnRequest as in the metadata file?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]