[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] SSO multiple SPs
Thanks for your time.Thanks for the answer. I have one last question please.How does IDP know that it should not authenticate the user when SAML authentication request comes from second SP?
On Fri, Mar 14, 2014 at 1:38 AM, Paul Hethmon <firstname.lastname@example.org> wrote:
Please reply to the list, not me personally.
No, it will not be the same SAML Assertion. The assertion, among other things, contains information specific to the SP receiving it. So it will never be the "same" assertion. The IdP will construct the proper assertion for that SP.
On Mar 13, 2014, at 12:10 PM, Security Developer <email@example.com> wrote:
> Thanks for the clarification. Please bear with me, I have couple of more questions.
> If IDP choose to follow the path of returning SAML response containing SAML assertion silently (without user interaction) then
> - Will IDP return the same SAML assertion to second SP that was returned to first SP? If yes how would IDP know about it?
The SP's will not know about each other via SAML.
> - How does Second SP know about the first SP?