Moving between sites using SAML

Posted by System Down on Programmers See other posts from Programmers or by System Down
Published on 2012-11-16T20:01:46Z Indexed on 2012/11/16 23:16 UTC
Read the original article Hit count: 212

Filed under:
|
|

I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when I redirect the user to another Service Provider? How do I ascertain the user's identity there? Do I send his SAML assertion tokens along with the redirect request? Or does the second Service Provider need to contact the ID Provider all over again?

© Programmers or respective owner

Related posts about security

Related posts about sso