AW: AW: Programmatically get Assertion for 3rd party resources
Kevin Flückiger
kevin.flueckiger at inovitas.ch
Wed May 20 10:17:02 EDT 2015
>That merely replaces the Redirects and JavaScript-initated HTTP POST of Web Browser SSO profile with the ECP client doing the >work of sending protocol messages back and forth to the SP and IDP.
>It doesn't change anything wrt who may get what assertion.
Ok I understand. I saw that AWS doesn't support the ECP-Profile anyways, so back to the start.
Would you say that my use case (login to my application protected by my own SP and then accessing resources protected by a SP out of my control, but trusted by my IdP) is not possible at all?
-----Ursprüngliche Nachricht-----
Von: users [mailto:users-bounces at shibboleth.net] Im Auftrag von Peter Schober
Gesendet: Mittwoch, 20. Mai 2015 15:04
An: users at shibboleth.net
Betreff: Re: AW: Programmatically get Assertion for 3rd party resources
* Kevin Flückiger <kevin.flueckiger at inovitas.ch> [2015-05-20 10:55]:
> So what about the ECP Profile?
That merely replaces the Redirects and JavaScript-initated HTTP POST of Web Browser SSO profile with the ECP client doing the work of sending protocol messages back and forth to the SP and IDP.
It doesn't change anything wrt who may get what assertion.
-peter
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list