The Burden of Federated Authentication
If you’ve ever had the pleasure to hear me rant on web access management then you know I like to stress the difference between authentication and authorization. Authentication is the process of ...
Published May 24, 2016
Version 1.0Cody_Green
Employee
Joined December 29, 2011
Cody_Green
Employee
Joined December 29, 2011
amolari
Jun 01, 2016Cirrostratus
found out in the SAML-core spec allows the Subject element, while the WebSSO Profile doesn't (MUST NOT). In a few forums, some argued that the people behind the specs wanted to avoid too much binding between the SP and IdP. User's experience suffers and nothing seems to go much around about SAML 2.1..