Are these saml request-response good enough?
Posted
by
Ashwin
on Stack Overflow
See other posts from Stack Overflow
or by Ashwin
Published on 2012-03-28T05:43:58Z
Indexed on
2012/03/31
17:28 UTC
Read the original article
Hit count: 208
saml
I have set up a single sign on(SSO) for my services. All the services confirm the identity of the user using the IDPorvider(IDP). In my case I am also the IDP.
In my saml request, I have included the following:
1. the level for which auth. is required.
2. the consumer url
3. the destination service url.
4. Issuer
Then, encrypting this message with the SP's(service provider) private key and then with the IDP's Public key. Then I am sending this request.
The IDP on receiving the request, first decrypts with his own private key and then with SP's public key. In the saml response:
1. destination url
2. Issuer
3. Status of the response
Is this good enough? Please give your suggestions?
© Stack Overflow or respective owner