OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] AuthnRequest usage - 'recognize' principal

Okay, thanks Scott and Conor. I felt that we were probably over-loading the Subject element incorrectly, but wasn't 100% sure, so I'm glad I posed the question here.

It's kind of a unique situation because the SP web-app, in this case, is actually owned by the same company (different division) as us. We may at some point need to debug issues or reconcile things in conjunction with them, so logging their userid could be useful. So in light of this thread, we may use the Extensions element to pass that, not Subject.

But we also want this solution to easily extend to other 3rd party SPs; for them we would not require the SP userid.

(If you are wondering why the SP is asking us to authenticate a user who is already authenticated on their side, the answer is that there is a certain function on the SP side which can only be accessed by some of *our* users.)

michael lucas  |  Senior Software Developer  |  Great-West Life

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]