1. Re: Struggling with how IDP and STS work together.
anil.saldhana Jun 17, 2014 12:53 PM (in response to slopez01)

One Use Case :-
===========
When a PicketLink SP receives a SAML assertion from the IDP, we do save the assertion in the httpsession.
Now in your application code, you can call EJBs using this SAML assertion (from httpsession) as token. At the receiving end, the STS login modules that are configured for the EJB can validate this token via
a) Check for issuer
b) Check for expiration
c) Validate the signature of the token
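
The three checks listed in the reply, sketched with the JDK's built-in XML signature API. This is an added example, not code from the original post or from PicketLink: the class and method names, the trusted issuer string and the IDP public key passed in are assumptions, and the assertion element is assumed to come from a namespace-aware parser with DTDs disabled.

```java
import java.security.PublicKey;
import java.time.Instant;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/** Added illustration; class and method names are hypothetical, not PicketLink API. */
public final class AssertionChecks {
    static final String SAML = "urn:oasis:names:tc:SAML:2.0:assertion";
    /** Throws unless the signature, issuer and expiration checks all pass. */
    public static void validate(Element assertion, String trustedIssuer, PublicKey idpKey,
            Instant now) throws Exception {
        // c) Signature first: nothing else in the token is trustworthy until it verifies.
        assertion.setIdAttribute("ID", true); // lets Reference URI="#<ID>" resolve
        DOMValidateContext ctx =
                new DOMValidateContext(idpKey, directChild(assertion, XMLSignature.XMLNS, "Signature"));
        ctx.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        XMLSignature sig = XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(ctx);
        java.util.List<?> refs = sig.getSignedInfo().getReferences();
        // The single reference must cover this assertion, not some other element.
        if (refs.size() != 1
                || !("#" + assertion.getAttribute("ID")).equals(((Reference) refs.get(0)).getURI()))
            throw new SecurityException("signature does not cover the assertion");
        if (!sig.validate(ctx)) throw new SecurityException("signature invalid");
        // a) Issuer must be the IDP this service trusts.
        String issuer = directChild(assertion, SAML, "Issuer").getTextContent().trim();
        if (!trustedIssuer.equals(issuer)) throw new SecurityException("untrusted issuer " + issuer);
        // b) Expiration: require Conditions/@NotOnOrAfter (assumed policy) and compare to now.
        String end = directChild(assertion, SAML, "Conditions").getAttribute("NotOnOrAfter");
        if (end.isEmpty() || !now.isBefore(Instant.parse(end)))
            throw new SecurityException("assertion expired or has no NotOnOrAfter");
    }

    // Exactly one direct child with this namespace and local name, else reject.
    private static Element directChild(Element parent, String ns, String name) {
        Element found = null;
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && ns.equals(n.getNamespaceURI()) && name.equals(n.getLocalName())) {
                if (found != null) throw new SecurityException("duplicate " + name);
                found = (Element) n;
            }
        }
        if (found == null) throw new SecurityException("missing " + name);
        return found;
    }
}
```

Passing the IDP key in directly, rather than reading it from the token's own KeyInfo, keeps the trust decision on the receiving side.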