Cross domain IdP trust
Peter Schober
peter.schober at univie.ac.at
Tue Nov 22 16:50:09 GMT 2011
* Cal Heldenbrand <cal at fbsdata.com> [2011-11-22 17:35]:
> Each IdP has an entirely separate user/pass namespace. And, I want each
> IdP to "trust" each other, in the sense that any user logged in at any of
> the IdPs will *transparently* have access to each SP without logging in
> again. No discovering IdP's or selecting where to log in, and only a
> single authentication allows access to all domains.
I probably don't understand the requirements but if all three SPs
federate with all three IdPs the only problem left to solve is IdP
discovery, no?
-peter
More information about the users
mailing list