proxy-authentication to SP

Ulf Seltmann seltmann at
Thu May 7 06:35:14 EDT 2015

Hello Perry,

i trust the IdP, but i do not trust the SP. For that i wanted the "bar
SP" to talk to the IdP as well to verify that the asking user is

Giving "foo SP" a definite access to "bar SP" is defective by design. if
it becomes compromised one only need a user's id to access the user's
data on "bar SP".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the users mailing list