Hello all, I am a newbie to Google Apps API, and am reading on the SSO (Single Sign-on) API for Google Apps from this page: http://code.google.com/apis/apps/sso/saml_reference_implementation.html
1) In the sequence diagram, step 2 is "Google generates a SAML authentication request". My question is: how or what determines which fields go into the SAML request so formed, and where do we have to specify them? Specifically, if the first request from the user's browser has a cookie, can we include the cookie in one field of this request? Can we specify which fields we want in here?

2) Step 5 says ".....response is digitally signed with the partner's public and private DSA/RSA keys.". My question is: I understand the private key, but why is the public key of the partner needed to sign? If the public key is used for signing, then the corresponding private key (which is held only by the partner application) is needed to understand the signature.

3) If the SAML response is correctly received on the Google Apps side, does it create a cookie in the session for the authenticated user?

4) From what I understand, for enabling SSO to Google applications, we need a SAML authority on the partner side, which will do the following:
- receive the SAML request from Google Apps
- parse it, and get the user information for authentication
- form a response
- sign it with its private key
- send the response to Google.

Let me know if this understanding is correct.

Regards,
Ambarish.
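For the receive-and-parse steps listed in point 4, here is an added example (not part of the original post or of Google's reference implementation) that decodes a `SAMLRequest` value as carried in the SAML 2.0 HTTP-Redirect binding (raw DEFLATE, then base64) and extracts the fields a partner-side SAML authority reads before building its response. The sample request, the allow-listed ACS host and the size cap are assumptions constructed for the demonstration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
MAX_XML_BYTES = 64 * 1024              # assumed cap on the inflated request
ALLOWED_ACS_HOSTS = {"www.google.com"}  # hypothetical allow-list

# Constructed sample request; every value in it is made up for the demo.
SAMPLE_XML = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="_constructed123" Version="2.0" IssueInstant="2008-05-27T08:19:29Z" '
    'AssertionConsumerServiceURL="https://www.google.com/a/example.com/acs">'
    '<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    'google.com</saml:Issuer></samlp:AuthnRequest>'
)

def encode_request(xml_text):
    """Build a SAMLRequest value (raw DEFLATE, then base64) for the demo."""
    comp = zlib.compressobj(wbits=-15)
    return base64.b64encode(comp.compress(xml_text.encode()) + comp.flush()).decode()

def parse_authn_request(saml_request):
    """Decode a SAMLRequest parameter and return the fields the IdP needs."""
    raw = base64.b64decode(saml_request, validate=True)
    inflater = zlib.decompressobj(wbits=-15)
    xml_bytes = inflater.decompress(raw, MAX_XML_BYTES)
    if not inflater.eof:  # stream did not finish within the cap
        raise ValueError("request truncated or larger than the size cap")
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTDs are not allowed in SAML messages")
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest")
    acs = root.get("AssertionConsumerServiceURL", "")
    url = urlparse(acs)
    if url.scheme != "https" or url.hostname not in ALLOWED_ACS_HOSTS:
        raise ValueError("ACS URL is not on the allow-list")
    return {
        "id": root.get("ID"),  # echoed back as InResponseTo in the response
        "issue_instant": root.get("IssueInstant"),
        "acs_url": acs,
        "issuer": root.findtext(f"{{{SAML}}}Issuer"),
    }

if __name__ == "__main__":
    print(parse_authn_request(encode_request(SAMPLE_XML)))
```

The request fields come from the SAML 2.0 schema, and the authority should send its signed response only to an ACS URL it has checked, as the allow-list test does here.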
