Moving between sites using SAML
https://softwareengineering.stackexchange.com/questions/176130
Pregunta
I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when I redirect the user to another Service Provider? How do I ascertain the user's identity there? Do I send his SAML assertion tokens along with the redirect request? Or does the second Service Provider need to contact the ID Provider all over again?
No hay solución correcta
Licenciado bajo: CC-BY-SA con atribución
No afiliado a softwareengineering.stackexchange