具有SAML 2.0的SLO(SP启动的SLO或IDP启动的SLO),最好在服务提供商中使用
[英]SLO with SAML 2.0 (SP initiated SLO or IDP initiated SLO), which one is good to have in service provider
问题描述
We created a application (SP), which have a option to login via SSO (Single Sign On) using third party application (any IdP). 
我们创建了一个应用程序(SP),该程序具有使用第三方应用程序(任何IdP)通过SSO (单点登录)登录的选项。 We used SAML 2.0 complaint for SSO(Single Sign On). 我们将SAML 2.0投诉用于SSO(单一登录)。
Question : 题 :
- Which one is good to have in my application (SP initiated SLO or IDP initiated SLO)? 在我的应用程序中(SP启动的SLO或IDP启动的SLO)哪一种是好的?
How many application using SP initiated slo and IDP initiated slo?
多少个使用SP启动的Slo和IDP启动的Slo的应用程序? (1 or 2 application(SP) name for each which are integrated with third party app) (与第三方应用程序集成在一起的每个应用程序的名称为1或2) How about creating both and keeping SLO is optional to IDP?
如何创建两者并保持SLO对IDP是可选的?
Can anyone help me 谁能帮我
1 个解决方案
解决方案1
0 已采纳 2016-07-28 15:04:04
There is no requirement to provide SLO. 不需要提供SLO。 Many large service providers do not (Google Apps and Salesforce, for example). 许多大型服务提供商没有(例如Google Apps和Salesforce)。
If you're going to provide for it, it's my opinion that you should support both, but not require it of the SP (make it an option within your SP). 如果您打算提供它, 我认为您应该同时支持两者,但不需要SP的支持(使其成为SP中的一个选项)。 All enterprise implementations (PingFederate, OAM, Siteminder, etc.) that I am aware of support both, but do not require either, on both SP and IdP sides. 我知道所有企业实现(PingFederate,OAM,Siteminder等)在SP和IdP方面都支持,但不需要两者都支持。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.