![]() | This article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||
|
'Although this article is already long, it's missing some significant new features of SAML 2.0:'
Also, there is no mention of the Enhanced Client/Proxy Profile, but seriously, I think ECP is too much for this introduction to SAML 2.0. Trscavo 19:16, 26 March 2007 (UTC)
With hindsight, the example flow illustrating Web Browser SSO should utilize HTTP Redirect (from the SP to the IdP) and HTTP POST (from the IdP to the SP) instead of HTTP POST in both directions since the former is by far the most common flow in use today. (I'm not keen on redoing the flow diagram, however.) Tom Scavo ( talk) 19:56, 10 March 2013 (UTC)
Isn't it a bit crazy to ask for references on an article about an official standard and reject the standard definition as "primary sources"? I know there are all kinds of WP:* on this, now seriously, in this case referencing second parties and leaving out the primary source would considerably devalue the article. Apparently, I'm not alone with that opinion, since the header is from 2008 and no one has bothered so far. How about removing it and accepting that for some topics, primary sources are the best references you can give?
Anyone else think it would add to this article to mention implementations or products that support SAML such as Tivoli or Microsoft or Oracle etc? —Preceding unsigned comment added by 149.176.250.16 ( talk) 01:13, 24 February 2011 (UTC)
I suppose 'deflating' in this text means to strip the (XML) text of unnecessary whitespace? Deflate in computer science is also used for a particular way of compressing data. mvdhout ( talk) 13:24, 12 January 2012 (UTC)
Correct me if I misunderstood something there, but the description currently states: 'Initially, the service provider transmits an artifact to the identity provider via an HTTP redirect [...] Next the identity provider sends a <samlp:ArtifactResolve> request (such as the ArtifactResolveRequest shown earlier) directly to the service provider via a back channel. Finally, the service provider returns a <samlp:ArtifactResponse> element containing the referenced <samlp:AuthnRequest> message'
In every case I have encountered so far the roles are the other way around. Shouldn't the IdP generate and send the artifact, which is then resolved and sent back by the SP, so the IdP can eventually send a response containing the assertion? Daniel Wild ( talk) 13:22, 10 September 2020 (UTC)
The section on SAML 2.0 Metadata has been cleaned up and enhanced, so I think the clean-up message can be removed. Tom Scavo ( talk) 19:49, 10 March 2013 (UTC)
There are numerous examples of SAML assertions in the article, including a holder-of-key assertion in the section on attribute query, so I think the notice at the beginning of the section on SAML 2.0 Assertions can be removed. Moreover, bearer assertions are far and away the most common SAML token type so I think the notice is misguided. Tom Scavo ( talk) 20:19, 10 March 2013 (UTC)
![]() | This article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||
|
'Although this article is already long, it's missing some significant new features of SAML 2.0:'
Also, there is no mention of the Enhanced Client/Proxy Profile, but seriously, I think ECP is too much for this introduction to SAML 2.0. Trscavo 19:16, 26 March 2007 (UTC)
With hindsight, the example flow illustrating Web Browser SSO should utilize HTTP Redirect (from the SP to the IdP) and HTTP POST (from the IdP to the SP) instead of HTTP POST in both directions since the former is by far the most common flow in use today. (I'm not keen on redoing the flow diagram, however.) Tom Scavo ( talk) 19:56, 10 March 2013 (UTC)
Isn't it a bit crazy to ask for references on an article about an official standard and reject the standard definition as "primary sources"? I know there are all kinds of WP:* on this, now seriously, in this case referencing second parties and leaving out the primary source would considerably devalue the article. Apparently, I'm not alone with that opinion, since the header is from 2008 and no one has bothered so far. How about removing it and accepting that for some topics, primary sources are the best references you can give?
Anyone else think it would add to this article to mention implementations or products that support SAML such as Tivoli or Microsoft or Oracle etc? —Preceding unsigned comment added by 149.176.250.16 ( talk) 01:13, 24 February 2011 (UTC)
I suppose 'deflating' in this text means to strip the (XML) text of unnecessary whitespace? Deflate in computer science is also used for a particular way of compressing data. mvdhout ( talk) 13:24, 12 January 2012 (UTC)
Correct me if I misunderstood something there, but the description currently states: 'Initially, the service provider transmits an artifact to the identity provider via an HTTP redirect [...] Next the identity provider sends a <samlp:ArtifactResolve> request (such as the ArtifactResolveRequest shown earlier) directly to the service provider via a back channel. Finally, the service provider returns a <samlp:ArtifactResponse> element containing the referenced <samlp:AuthnRequest> message'
In every case I have encountered so far the roles are the other way around. Shouldn't the IdP generate and send the artifact, which is then resolved and sent back by the SP, so the IdP can eventually send a response containing the assertion? Daniel Wild ( talk) 13:22, 10 September 2020 (UTC)
The section on SAML 2.0 Metadata has been cleaned up and enhanced, so I think the clean-up message can be removed. Tom Scavo ( talk) 19:49, 10 March 2013 (UTC)
There are numerous examples of SAML assertions in the article, including a holder-of-key assertion in the section on attribute query, so I think the notice at the beginning of the section on SAML 2.0 Assertions can be removed. Moreover, bearer assertions are far and away the most common SAML token type so I think the notice is misguided. Tom Scavo ( talk) 20:19, 10 March 2013 (UTC)