Dear Tony, First, thanks for your responses. It clarified a lot. My responses and further questions are inlined....
On Nov 26, 11:00 pm, "Tony (Google)" <[EMAIL PROTECTED]> wrote: > Hi Ambarish, > > Please see the comments below for your questions. > > 1) I don't believe you can specify arbitrary fields but you can make a > request and examine the SAMLRequest parameters and cookies that are > returned to see what attributes are included. > AM: I tried out the sample client given in the SSO page. I could see the SAML sample request. What I do not understand is: if the request does not contain the user information, how can the request be authenticated by the partner application where the request arrives. > 2) The public key of the partner should be uploaded by you to the > Google Apps Admin Panel and will be used by us to verify your > SAMLResponse. > AM: I understand this. What I asked was: why we need the public key to sign? As far as I think, the private key of the partner will be required to sign. Question: In the Google APPS SSO page, the "Sign-in page URL" should be present in the partner's domain? Is this the page where the SAML request from Google will be posted? Regards, Ambarish. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
