Speaking of service-now...

[Cantor, Scott]

On 9/14/11 2:37 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:

>>Where do you insert your script in the authentication flow?
>
>You tell it your SSO service is the CGI script, and then you have the
>script bust the frame and reattach the query string to your actual SSO
>service. It worked with Shibboleth-style requests, I imagine it should
>work ok with SAML 2 redirects.

Of course, I should say that my initial script for this was a prototype
just to get it working, and then we didn't go forward with it. To do it
now for real, I'm going to have to try to pull this off without creating
an open relay or XSS nightmare.

-- Scott