The following use case illustrates user consent.
User1 logs in and authenticates at MyWorkPlace.com at 2:00PM. MyWorkPlace is acting as an Identity Provider. At 2:03PM, the user selects a link to the partner company that runs travel specials for employees. User1 is redirected to a form that asks for consent before sending User1 to ExampleTravel.com. User1 takes a phone call before completing the consent form. The time is now 2:10PM. MyWorkPlace does not generate an assertion because the validity period has expired.
If User1 grants consent promptly and is redirected back to the Identity Provider by 2:05PM, the Identity Provider generates an assertion. Only 2 minutes pass between consent and assertion generation, so the validity period is still active.
|
Copyright © 2013 CA.
All rights reserved.
|
|