Thursday Apr 12, 2007

How to federate a user?

Someone asked this question: "How to federate a user?" Here is the sequence diagram.

  • When the user visits the Service Provider (SP) for the first time, he/she authenticates with the SP.
  • The SP then presents a list of Identity Providers (IDPs) to the user.
  • He/she chooses one of them and authenticates with it.
  • A Name Identifier (name ID) is created. The name ID hides the real identity of the user. For example, the user is joesmith at the SP and jsmith at the IDP, and his/her name ID is xyz (xyz is only an illustration; a real name ID is much longer). He/she is known to the SP and the IDP only as xyz.
  • The IDP registers the name ID and the SP ID, and then redirects the request back to the SP.
  • The SP registers the name ID and the IDP ID.
Pretty simple, right?
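
The steps above as a small Python model, added here as an illustration and not code from the original post or from any Liberty/SAML product. The class and method names, the `*.example` identifiers, the trusted-IDP check and the random token used as the name ID are assumptions. It goes one step beyond the post by federating the same IDP account with a second SP, which receives a different name ID.

```python
import secrets


class IdentityProvider:
    def __init__(self, idp_id):
        self.idp_id = idp_id
        self.federations = {}  # (SP ID, local IDP user) -> name ID

    def federate(self, sp_id, idp_user):
        """Called after the user has authenticated at the IDP."""
        key = (sp_id, idp_user)
        if key not in self.federations:
            # Opaque random pseudonym: derived from neither account name.
            self.federations[key] = secrets.token_urlsafe(32)
        # Sent back to the SP on the redirect; the IDP user name is not included.
        return {"idp_id": self.idp_id, "name_id": self.federations[key]}


class ServiceProvider:
    def __init__(self, sp_id, trusted_idps):
        self.sp_id = sp_id
        self.trusted_idps = set(trusted_idps)  # the list shown to the user
        self.federations = {}  # (IDP ID, name ID) -> local SP user

    def register(self, sp_user, response):
        """Called within the SP session of the user who started the flow."""
        if response["idp_id"] not in self.trusted_idps:
            raise PermissionError("response from an IDP the SP did not offer")
        self.federations[(response["idp_id"], response["name_id"])] = sp_user

    def resolve(self, idp_id, name_id):
        """Later sign-on: map the pseudonym back to the local account."""
        return self.federations.get((idp_id, name_id))


def demo():
    # Constructed sample accounts, taken from the example in the post.
    idp = IdentityProvider("idp.example")
    sp = ServiceProvider("sp.example", ["idp.example"])
    other_sp = ServiceProvider("other-sp.example", ["idp.example"])
    # joesmith is logged in at the SP and authenticates as jsmith at the IDP.
    resp = idp.federate(sp.sp_id, "jsmith")
    sp.register("joesmith", resp)
    # Same IDP account, second SP (hypothetical local name "joe").
    other = idp.federate(other_sp.sp_id, "jsmith")
    other_sp.register("joe", other)
    return sp, idp, resp, other
```

Because each SP holds a different name ID for the same person, two SPs cannot correlate the user by comparing their federation tables.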

This is only the beginning of Liberty/SAML ........
