[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Straw Man 2: Proxy use case
This will be added to the issue list in the SSO group, but not to this week's ballot. > -----Original Message----- > From: Irving Reid [mailto:Irving.Reid@baltimore.com] > Sent: Monday, February 19, 2001 2:48 PM > To: security-use@lists.oasis-open.org > Subject: Straw Man 2: Proxy use case > > > I'd like to suggest another variant on the Detailed Use Cases, Scenario 2: > Single Sign-On, Push Model. > > I'll tentatively call this Single Sign-On, Proxy Model. In this model, the > user authenticates to a proxy and then sends a request, including > credentials, to the proxy. The proxy generates OSSML assertions, attaches > them to the request, and forwards the request to the destination web site. > The destination web site replies to the proxy, and the proxy forwards the > reply back to the client. > > Alternatively, the initial message from the client to the proxy could > include both the authentication credentials and the request rather than > having a separate round-trip for authentication. > > There are two sub-variants to this use case: In some cases the proxy will > return OSSML tokens of some sort to the client, and the client will use > those tokens (most likely in the form of HTTP cookies) to make subsequent > requests within the single-sign-on session. In the other variant, > the proxy > has an existing session mechanism with the client. In that case, the proxy > can store the OSSML tokens and transparently attach them to subsequent > requests within that session. > > - irving - > > ------------------------------------------------------------------ > To unsubscribe from this elist send a message with the single word > "unsubscribe" in the body to: security-use-request@lists.oasis-open.org >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC