[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lasso-devel] Problems with the IdP



Rosa Sanchez Guerrero wrote:
> Hi,
>
> I am doing tests on a scenario that has the following elements: a SP-based
> ZXID (SAML), your IdP  (Authentic) and a WSP  (Liberty)  that I've
> implemented based on Lasso. With the SP and the IdP, and the IdP and WSP
> and
> processes successful single sign on and single logout. However, I have
> proved to be in the same browser on the SP (ZXID) and  my WSP  and if I
> make
> the following test  it fails. I begin SSO  with the SP (ZXID) and it
> redirected to the login page "Authentic" but in this case, I  don4t insert
> the username and the password. Then,  I begin  SSO with my WSP , it

How is it possible to perform SSO with a WSP? SAML2 protocol defines only
two roles: SP (aka Relying Party) and IdP. Both have direct interaction
with the user (via his browser). A Web Services (SOAP) Provider can not,
by definition, have direct interactions, such as SSO, with the user. So
what do you mean by WSP being part of SSO?

Can you clarify whether you are using mod_auth_saml Apache module
as distributed in zxid.org, or some other ZXID approach?

Cheers,
--Sampo

> redirect
> to the login page of "Authentic" and if in this case I enter the username
> and the password,  An error error occurs  in the IdP :
>
>   LassoLibAuthnRequest invalid cast from ` 'to` LassoSamlp2AuthnRequest'
>
> Any idea what may be happening?
>
> Regars,
>
> Rosa
> _______________________________________________
> Lasso-devel mailing list
> Lasso-devel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> https://lists.labs.libre-entreprise.org/mailman/listinfo/lasso-devel