OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [security-services] New high level SSO use cases

> In Scenario 1-1 (SSO with destination site first), I assume 
> that the user may or may not have been authenticated at the 
> source site. I.e., once the user is redirected to the source 
> site, he/she may or may not have to actually authenticate via 
> permanent credentials.

That's true. I copied the basic structure for the SSO diagrams from the original SAML use case document.

> If an authenticated session exists 
> between the user and the source site, then the source site 
> simply produces the artifact/assertion. If my assumption is 
> incorrect, perhaps we need to add a new scenario to cover 
> this flow. If it is correct, it may be worthwhile stating it 
> explicitly.

Certainly, I can clarify it. By Authenticate, I just mean demonstrate proof of identity, which may be via any means, including
implicitly based on past acts.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC