proxy-authentication to SP
seltmann at ub.uni-leipzig.de
Thu May 7 06:35:14 EDT 2015
i trust the IdP, but i do not trust the SP. For that i wanted the "bar
SP" to talk to the IdP as well to verify that the asking user is
Giving "foo SP" a definite access to "bar SP" is defective by design. if
it becomes compromised one only need a user's id to access the user's
data on "bar SP".
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part
More information about the users