A sample transaction between example.com and
university.edu, where example.com allows any active student,
faculty, or staff member to make a transaction.
User visits
http://www.example.com/cgi/show?c=university.edu
example.com discovers the name of the university.edu Proxy
Authentication Server
example.com redirects user to
https://auth.university.edu:443/iraa/login?service=example.com&destination=http://www.example.com/cgi/show?c=university.edu
university.edu prompts user for authentication information
university.edu redirects user to
http://www.example.com/cgi/show?c=university.edu?ticket=ABC123DEF456
example.com discovers the name of the university.edu
Attribute Verification Server.
university.edu returns an encrypted, persistent
identifier along with authentication and authorization confirmation:
yes
2b25f56dca1f3fa98be7b3180b70fc4a
yes
A sample transaction between example.com and
university.edu, where example.com needs to know if the user is
a student, faculty, or staff in order to offer the appropriate
information.
User visits
http://www.example.com/cgi/show?c=university.edu
example.com discovers the name of the university.edu Proxy
Authentication Server
example.com redirects user to
https://auth.university.edu:443/iraa/login?service=example.com&destination=http://www.example.com/cgi/show?c=university.edu
university.edu prompts user for authentication information
university.edu redirects user to
http://www.example.com/cgi/show?c=university.edu?ticket=ABC123DEF456
example.com discovers the name of the university.edu
Attribute Verification Server.