[OpenSAML] Help on IDP initiated : artificat binding
54 views
Skip to first unread message
Shrenik
Nov 3, 2009, 6:26:10 AM11/3/09
to open saml forum
Hi,
I was working on IDP initiated : post binding for SSO implementation using opensaml 2.3.0. I could successfully realize it's implementation with basic reponse xml creation and parsing. Now I wanted to have a similar implementation with IDP initiated : artificat binding, and started going through the doc at http://www.oasis-open.org/committees/download.php/22553/sstc-saml-tech-overview-2%200-draft-13.pdf In this doc I could not find anything much discussed on IDP initiated : artificat binding, older versions of this doc had some discussion on IDP initiated : artificat binding but the latest one lacks it. Does it mean opensaml 2.3.0 has no support for IDP initiated : artificat binding now. Or is there a updated doc discussing the same, can anyone please help me to fine one Regards, Shrenik |
Yahoo! India has a new look. Take a sneak peek.
Chad La Joie
Nov 3, 2009, 6:30:58 AM11/3/09
to mace-opensaml-users
I'm not sure what you mean by IdP-initiated artifact. OpenSAML supports
the creation of artifacts and storing those for later looking up the
message based on the artifact. Such support has nothing to do with
which role the sender is currently operating in.
the creation of artifacts and storing those for later looking up the
message based on the artifact. Such support has nothing to do with
which role the sender is currently operating in.
> Keep up with people you care about with Yahoo! India Mail. Learn how. http://in.overview.mail.yahoo.com/connectmore
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad....@switch.ch, http://www.switch.ch
Shrenik
Nov 3, 2009, 7:18:04 AM11/3/09
to mace-open...@internet2.edu
as discussed in the pdf file:
there are two ways of authenticating the user:
1. service provider initiated authentication (SP initiated)
2. ID provider initiated authentication (IdP initiated)
In case of SP initiated authentication, we can go with post binding or artifact binding(section 4.1.2 and 4.1.3 in the above pdf has the explanation). But if we choose our implementation to be IdP initiated authentication, the above mentioned pdf has explanation only for post binding(section 4.1.4).
So can we choose artifact binding for IdP initiated authentication, if yes it would be helpful if you could point me out the doc for the same.
Regards,
|
Chad La Joie
Nov 3, 2009, 7:30:10 AM11/3/09
to mace-opensaml-users
OpenSAML is not an IdP, or an SP, so your question is meaningless in
this context. It has nothing to do with OpenSAML.
this context. It has nothing to do with OpenSAML.
> Add whatever you love to the Yahoo! India homepage. Try now! http://in.yahoo.com/trynew
Reply all
Reply to author
Forward
0 new messages