Using SAML from non browser client
Cantor, Scott
cantor.2 at osu.edu
Sat Dec 17 20:32:06 GMT 2011
On 12/17/11 1:37 AM, "Anand Somani" <meatforums at gmail.com> wrote:
>
>Now with Shibboleth I can possibly use the idpAuthExternal and forward to
>a servlet which supports HTTP based basic/digest auth. My case is non
>typical (or is it) since there is no user sitting on a browser who can be
>shown a login page to collect user/pass. So the questions I have are
>
>* Since the spec does not really specify how actual auth happens, is this
>something I might have problems with when my application wants to use
>another Idp
Yes, which is why you don't do it with the browser profile, you use ECP.
The issues and pointers to relevant material are in the wiki.
>* Does SAML support this, from the all the reading I have done it does
>not prevent it, but am I in someways pushing it?
The ECP profile is specifically designed for your use case.
-- Scott
More information about the users
mailing list