OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Informing SP about session invalidated in IDP

Please keep replies to the list.

* Phalguni Mukherjee <phalgunimukherjee1007@gmail.com> [2014-01-29 14:25]:
> On Wed, Jan 29, 2014 at 6:44 PM, Peter Schober wrote:
> > * Phalguni Mukherjee <phalgunimukherjee1007@gmail.com> [2014-01-29 13:59]:
> > > I have implemented security for my application with SAML and it
> > > works fine.  But I have a special scenario in which if the user
> > > tries to access my service from a particular machine(IP), the
> > > user should not be sent for authentication but should be given
> > > direct access to the application.Can someone help me out if its
> > > possible in SAML? In other words, something like granting a life
> > > time certificate for the application to that machine.
> >
> > I'd just sidestep the use of SAML for requests from that IP range.
> can you explain me how it is possible?

The "don't initiate/require SAML authentication from this IP range" by
definition has nothing to do with SAML, but everything with your web
application. I don't know what you expect here.
In httpd 2.2.x configuration terms someting along the lines of
  Allow from 192.168.0.
  Satisfy Any

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]