why is SAML based on browser
Cantor, Scott
cantor.2 at osu.edu
Fri Jul 13 15:08:02 EDT 2012
On 7/13/12 3:04 PM, "Yaowen Tu" <yaowen.tu at gmail.com> wrote:
>
>Let me know if this is the correct mail list that I should ask for this
>question.
The OASIS saml-dev list is the appropriate list for SAML questions.
>I am studying SAML and SSO, and it looks like the application that use
>SAML need to be a web application and relying on a browser.
SAML is based on profiles, it's a generic standard. One of the profiles is
for browser SSO.
>My limited knowledge of SAML tells me that SAML relies on session and
>cookie, which is not available in desktop application or mobile app. Is
>that the only reason? Can you give me more details about this?
None of that is anything to do with SAML. It doesn't specify anything
about session management, cookies, or anything like that. That's all out
of scope of the standard.
-- Scott
More information about the users
mailing list