Are these saml request-response good enough?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Ashwin on Stack Overflow See other posts from Stack Overflow or by Ashwin
Published on 2012-03-28T05:43:58Z Indexed on 2012/03/31 17:28 UTC
Read the original article Hit count: 204

Filed under:

I have set up a single sign on(SSO) for my services. All the services confirm the identity of the user using the IDPorvider(IDP). In my case I am also the IDP.
In my saml request, I have included the following:
1. the level for which auth. is required.
2. the consumer url
3. the destination service url.
4. Issuer

Then, encrypting this message with the SP's(service provider) private key and then with the IDP's Public key. Then I am sending this request.
The IDP on receiving the request, first decrypts with his own private key and then with SP's public key. In the saml response:
1. destination url
2. Issuer
3. Status of the response

Is this good enough? Please give your suggestions?

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about saml

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle