[ECP] non-GET initial requests via the ECP
Cantor, Scott
cantor.2 at osu.edu
Wed May 14 14:55:25 EDT 2014
On 5/14/14, 2:21 PM, "Marek Denis" <marek.denis at gmail.com> wrote:
>
>Can I access protected resources with methods other than GET, and be
>sure the content from that body will get to the http server after the
>user gets authenticated with saml protocol?
For ECP, that's up to the client.
>Let's say i protect /secure url and normally my server expects some
>data sent via POST/PUT HTTP methods. By initiating a request with the
>data I will get back a SOAP message, get the IdP, authenticate myself,
>get SAML assertion, POST it to the SP again. Any way to inject my
>completely custom data into this auth workflow?
No.
-- Scott
More information about the users
mailing list