[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] authentication
> For my diploma theses I am doing some research about the SAML > authority. Now I have a question about authentication. How is > this supposed to work? More concretely, how does the subject > transport the credentials (e.g. user name and password) to > the authentication authority? In the binding. The binding carries a payload, the AuthnRequest message, to the IdP, and authentication is done in whatever manner is desired for the chosen binding. For the SOAP binding, for example, authentication could be in the transport/tunneling layer (HTTP, TLS) or via SOAP using WS-Security. Liberty ID-WSF includes profiles of SAML that demonstrate this. For HTTP bindings used in web SSO, authentication is often done in some HTTP-specific way such as a form submission. It usually happens after the SAML binding is out of the way during a follow-on HTTP request. There are no constraints in SAML on how it's done, only a few mechanisms that are MTI for conformance in a few cases for SOAP. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]