Loading...
Please wait, while we are loading the content...
Similar Documents
Affiliation the danish federation wayf- where are you from.
| Content Provider | CiteSeerX |
|---|---|
| Author | Simonsen, David Madsen, Jacob-Steen Petersen, Mads Freek Christiansen, Jacob |
| Abstract | interconnecting architectures The architectural differences between peer-to-peer identity federations and hub-and-spoke identity federations are profound and have implications for the users ' interaction with central federation components like the identity provider (IdP) discovery service (aka the 'wayf ' or 'where-are-you-from ' service). SAML2 authentication request scoping elements allows service providers in hub-and-spoke federations to build their own IdP discovery services. Furthermore, SAML2 scoping elements will in the future enable transparent interconnection of different federation architectures. In early 2010 the Danish WAYF federation was the first to introduce support for scoping elements. Scoping elements are, to the best of the authors ' knowledge, still only supported by the software package 'simpleSAMLphp 1 ' and in a single.NET implementation- but may come to be widely deployed if and when other SAML2-packages like i.e. the Shibboleth implementation introduce support for this feature. Background The basic concept of federated access management is simple: the user goes to the service (Fig. 1, arrow 1). When trying to login, the user is redirected to a web page with a list of trusted identity providers (IdP's) (arrow 2)- the so called where-are-you-from service or 'wayf'. Here the user chooses where to login and is redirected to the IdP's login page (arrow 3). Upon successful authentication, authorisation information about the user is send to the service which in turn decides wether to grant access or not. |
| File Format | |
| Access Restriction | Open |
| Subject Keyword | Danish Federation Wayf Central Federation Component Basic Concept Idp Discovery Service Service Provider Peer-to-peer Identity Federation Software Package Danish Wayf Federation Called Where-are-you-from Service Trusted Identity Provider Hub-and-spoke Identity Federation Successful Authentication Architectural Difference Login Page Future Enable Transparent Interconnection Turn Decides Hub-and-spoke Federation Federated Access Management Different Federation Architecture Net Implementation Discovery Service Authorisation Information Identity Provider Shibboleth Implementation Introduce Support Saml2 Authentication Request Web Page |
| Content Type | Text |
