[
https://issues.apache.org/jira/browse/FEDIZ-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13440676#comment-13440676
]
Oliver Wulff commented on FEDIZ-3:
----------------------------------
Home realm discovery must be implemented.
Initially, the Resource IDP processes the whr parameter of the signin request
and redirects the browser to the requestor IDP.
Later, the home realm discovery could be extended to support more sophisticated
algorithms based on client parameters (HTTP headers, client idp, etc).
The Resource IDP should maintain a session with the browser which doesn't
enforce a redirect to the requestor idp if it has already been authenticated.
Instead, he issues a new token for the RP directly.
The exception is if the wauth parameter enforces a stronger authentication
(certificate) than initially done like username/password.
> Support the role "Resource IDP" in IDP
> --------------------------------------
>
> Key: FEDIZ-3
> URL: https://issues.apache.org/jira/browse/FEDIZ-3
> Project: CXF-Fediz
> Issue Type: New Feature
> Components: IDP
> Reporter: Oliver Wulff
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
