Is it possible to hit the IdP login form directly from a browser?

Yaowen Tu yaowen.tu at gmail.com
Sat Sep 1 00:40:07 EDT 2012


Thanks a lot Nate. I get the idea.

The reason I ask the question is because I am thinking how to support our mobile app login. It doesn't need to be SSO, and if the mobile app can get user name and password. How the app can post a form to IdP to authenticate the user directly?

Do you know how SAML users achieve mobile app login? Is this where ECP should be considered?

Yaowen

On Aug 31, 2012, at 8:26 PM, Nate Klingenstein wrote:

> I should add, one of the nice things about federated identity as compared to other forms of interrealm identity is that it does introduce some important degrees of freedom.  Allowing the IdP to authenticate its users however it needs to get that done makes interop easier, not harder.  The SP can always place restrictions on the form of authentication that it will accept, and in most flows, no entity directly authenticates the user except the IdP.
> 
> On Sep 1, 2012, at 2:36 , Yaowen Tu wrote:
> 
>> I have been thinking about the reason of it. Is it because that SAML doesn't actually define how IdP authenticate a user? So it is every IdP's responsibility and interoperability is an issue? What else?
> 
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120831/eb5e12de/attachment.html 


More information about the users mailing list