[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] RE: Single Logout
> 4. Assuming SLO is IDP-initiated and the config is such that > some SPs support HTTP Redirect only and some support SOAP > only, can the IDP send some with one binding and some with > the other binding (assuming there are no other out-of-band > conditions that exist)? Yes, that's what step 3 is saying. You can do whatever the SP supports, assuming the browser is available. If not, then you don't have much choice and if the SP doesn't support SOAP, you've got an "unsupported binding" error. Most of the profiles avoid any requirements about what bindings can be used for request and response, unless the binding does (i.e. SOAP). I can do a LogoutRequest via POST and get back a LogoutResponse via Artifact, then do a second LogoutRequest via Redirect and get back a LogoutResponse via POST. Would I? Probably not, but the profiles allow it. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]