Hi Johann, This is great..!!!
I was thinking about a pattern like this.. rather than having it as a query parameter. ... /samlsso/sp/travelocity /samlsso/sp/avis Thanks & regards, -Prabath On Sat, Nov 9, 2013 at 10:42 AM, Johann Nallathamby <[email protected]> wrote: > Hi, > > IdP Initiated SSO support has been added with r190585. > > To enable IdP Initiated SSO for a service provider click on "Enable IdP > Initiated SSO" as shown in the attached screen shot. > > To initiate IdP Initiated SSO you need to perform a HTTP GET/POST to the > following URL (assume the registered service provider Issuer ID is > travelocity.com) > > https://localhost:9443/samlsso?spEntityID=travelocity.com > > This request will authenticate the user and redirect him to the registered > Assertion Consumer URL. Optionally you can send in a RelayState parameter > as follows: > > > https://localhost:9443/samlsso?spEntityID=travelocity.com&RelayState=http://localhost:8080/travelocity.com/my-home.jsp > > This request will authenticate the user and redirect him to the URL in the > RelayState parameter. > > To Note: > Either you could have SP Initiated SSO only, or SP Initiated SSO and IdP > Initiated SSO. You can't have IdP initiated SSO only. By design SP > Initiated SSO is more restrictive and secure. A service provider is allowed > to do IdP Initiated SSO would automatically imply he is allowed to do SP > Initiated SSO as well. > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Senior Software Engineer > Integration Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
