[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: RE: Shibboleth Authentication request flow
From: Sathish Anickode <SAnickode () skytouchtechnology ! com>
Date: 2014-12-18 19:01:09
Message-ID: BL2PR08MB4675AF039AB5A893F9F3BD2C46A0 () BL2PR08MB467 ! namprd08 ! prod ! outlook ! com
[Download RAW message or body]
Thanks! The below url's were very informative and answered lots of my questions.
From: users-bounces@shibboleth.net [mailto:users-bounces@shibboleth.net] On Behalf Of \
David Gersic
Sent: Thursday, December 18, 2014 7:28 AM
To: Shib Users
Subject: Re: Shibboleth Authentication request flow
Shibboleth is an implementation of SAML. So if you understand how SAML works, you \
understand what Shibboleth is doing. Start here for basic SAML description:
http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language
https://blog.surfnet.nl/?p=1417
________________________________
From: users-bounces@shibboleth.net<mailto:users-bounces@shibboleth.net> \
<users-bounces@shibboleth.net<mailto:users-bounces@shibboleth.net>> on behalf of \
Sathish Anickode <SAnickode@skytouchtechnology.com<mailto:SAnickode@skytouchtechnology.com>>
Sent: Wednesday, December 17, 2014 9:02 PM
To: Shib Users
Subject: Shibboleth Authentication request flow
I would like to understand how the authentication request flows between the user's \
browser, SP and IdP.
A user accesses a resource on a SP for the first time and since there is no \
associated authenticated session, a SAML request is sent to the IdP to authenticate \
the user. Since the user does not have an associated session on the IdP, does the IdP \
send back a SAML response requesting the user to be redirected to the login page? Can \
you please clarify how this interaction works?
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.msochpdefault, li.msochpdefault, div.msochpdefault
{mso-style-name:msochpdefault;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
span.emailstyle17
{mso-style-name:emailstyle17;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Thanks! The below url’s were \
very informative and answered lots of my questions.<o:p></o:p></span></p> <p \
class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p> <div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> \
users-bounces@shibboleth.net [mailto:users-bounces@shibboleth.net] <b>On Behalf Of \
</b>David Gersic<br> <b>Sent:</b> Thursday, December 18, 2014 7:28 AM<br>
<b>To:</b> Shib Users<br>
<b>Subject:</b> Re: Shibboleth Authentication request flow<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div id="divtagdefaultwrapper">
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black">Shibboleth \
is an implementation of SAML. So if you understand how SAML works, you understand \
what Shibboleth is doing. Start here for basic SAML \
description:<o:p></o:p></span></p> <p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><a \
href="http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language" \
id="lnk399212">http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language</a><o:p></o:p></span></p>
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><a \
href="https://blog.surfnet.nl/?p=1417" \
id="lnk573904">https://blog.surfnet.nl/?p=1417</a><o:p></o:p></span></p> <p \
style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<p style="background:white"><span \
style="font-family:"Calibri","sans-serif";color:black"><o:p> </o:p></span></p>
<div>
<div class="MsoNormal" align="center" style="text-align:center;background:white">
<span style="font-size:12.0pt;color:#212121">
<hr size="3" width="98%" align="center">
</span></div>
<div id="divRplyFwdMsg">
<p class="MsoNormal" style="background:white"><b><span \
style="color:black">From:</span></b><span style="color:black"> <a \
href="mailto:users-bounces@shibboleth.net">users-bounces@shibboleth.net</a> <<a \
href="mailto:users-bounces@shibboleth.net">users-bounces@shibboleth.net</a>> on \
behalf of Sathish Anickode <<a \
href="mailto:SAnickode@skytouchtechnology.com">SAnickode@skytouchtechnology.com</a>><br>
<b>Sent:</b> Wednesday, December 17, 2014 9:02 PM<br>
<b>To:</b> Shib Users<br>
<b>Subject:</b> Shibboleth Authentication request flow</span><span \
style="font-size:12.0pt;color:#212121"> <o:p></o:p></span></p>
<div>
<p class="MsoNormal" style="background:white"><span \
style="font-size:12.0pt;color:#212121"> <o:p></o:p></span></p> </div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="color:#212121">I would \
like to understand how the authentication request flows between the user’s \
browser, SP and IdP.<o:p></o:p></span></p> <p class="MsoNormal" \
style="background:white"><span style="color:#212121"> <o:p></o:p></span></p> <p \
class="MsoNormal" style="background:white"><span style="color:#212121">A user \
accesses a resource on a SP for the first time and since there is no associated \
authenticated session, a SAML request is sent to the IdP to authenticate the user. \
Since the user does not have an associated session on the IdP, does the IdP send \
back a SAML response requesting the user to be redirected to the login page? Can you \
please clarify how this interaction works?<o:p></o:p></span></p> <p class="MsoNormal" \
style="background:white"><span style="color:#212121"> <o:p></o:p></span></p> \
</div> </div>
</div>
</div>
</div>
</body>
</html>
--
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
--===============6614290376189831930==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic