[jboss-dev-forums] [Design of Security on JBoss] - JBoss Federated SSO : How browsers can send and store a SAML
michaelf
do-not-reply at jboss.com
Sun Jan 25 04:40:01 EST 2009
Hi!
I miss couple of things in the design of JBoss Federated SSO.
As I understand, browser sends the SAML based token to each application that participated in SSO.
1) When the SAML based token is added to browser? After the authentication of a user?
2) How the token is added to browsers? Which browsers support today storing of the SAML based token?
3) How the token is sends to an HTTP client? As an HTTP parameter? As an HTTP header? Something else?
I will appreciate any explanation.
Best regards,
Michael
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4204566#4204566
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4204566
More information about the jboss-dev-forums
mailing list