[liberty-dev] Enterprise Portal question


To “‘liberty-dev@emailprotection.org'” <liberty-dev@emailprotection.org>
From “Hard, rick” <rick.Hard@FMR.COM>
Date Mon, 26 Aug 2002 12:18:51 -0400
Reply-to liberty-dev@emailprotection.org
Sender liberty-dev-owner@emailprotection.org

I do not remember if the following scenario was discussed at all for Version
1.0.
I am assuming the Enterprise is the IDP and the user has logged into the
Enterprise Portal (in fact this is likely the browsers home page, and the
login was transparent by way of NTLM authentication). The Enterprise Portal
makes available a selection of external web sites that are SP's (e.g. via
drop down menu) such as Health Care, 401K, Corporate Credit Card. The user
has been bulk federated with these external web sites by virtue of being an
employee of the Enterprise.
The Enterprise Portal already has control of the UI, and the link to the
external web site has been dynamically created with hidden form fields that
contain the AuthNResponse or Artifact. The profile (e.g. BrowserPOST), the
principal's name identifier etc. have been pre-agreed. I see no reason at
this point to bother with the AuthNRequest message. A quick browse of the
specs indicates nothing that prevents this nor indicates that use of the
AuthNRequest message is mandatory.
Thoughts??
Cheers
- Patrick 

Partial thread listing:

08/26/2002
[liberty-dev] Enterprise Portal question
(Harding, Patrick)
 Conor P. Cahill (08/26/2002)
 John D. Beatty (08/26/2002)
 Conor P. Cahill (08/26/2002)
 Jonathan Sergent (08/26/2002)

LEAVE A REPLY

Please enter your comment!
Please enter your name here