Peter Schober peter.schober at
Thu Nov 1 06:16:36 EDT 2012

* Gaurav Sinha <gshcet at> [2012-11-01 08:04]:
> How will the resource at SP2 get authenticated. ? . Because *
> _idp_authn_lc_key* and *_idp_session* cookies are already set in the
> browser ?

No. To access SP2 the subject's HTTP User Agent will go through the
same SAML WebSSO protocol exchange as with SP1.
If the subject's HTTP User Agent has an established session with the
SAML IdP also chosen for SP1 (how this session is implemented is
irrelevant here) the subject will experience "SSO" and will be logged
in to SP2 without further steps (if authorization at SP2 succeeds, of

More information about the users mailing list