300-810 · Question #53
SAML SSO is enabled in Cisco Unified Communications Manager. What happens when a browser-based client attempts to access a protected resource on a service provider?
The correct answer is C. The service provider generates a SAML authentication request.. In the SAML SSO flow, the very first action triggered when a browser-based client attempts to access a protected resource is that the Service Provider (SP) generates a SAML authentication request (C). The SP detects that the user is not authenticated, creates a SAML AuthnRequest
Question
SAML SSO is enabled in Cisco Unified Communications Manager. What happens when a browser-based client attempts to access a protected resource on a service provider?
Options
- AThe browser follows the redirect and issues an HTTPS GET request to the IdP.
- BThe IdP checks for a valid browser session.
- CThe service provider generates a SAML authentication request.
- DThe SAML request is maintained as a query parameter in the GET request.
How the community answered
(43 responses)- A2% (1)
- B2% (1)
- C88% (38)
- D7% (3)
Explanation
In the SAML SSO flow, the very first action triggered when a browser-based client attempts to access a protected resource is that the Service Provider (SP) generates a SAML authentication request (C). The SP detects that the user is not authenticated, creates a SAML AuthnRequest XML document, and redirects the browser to the IdP with this request encoded in the URL. The subsequent steps follow in order: the browser follows the redirect to the IdP (A), the IdP checks for a valid existing session (B), and the SAML request is carried as a query parameter in the GET request to the IdP (D). The question asks what happens first upon accessing the protected resource - that is the SP generating the SAML authentication request.
Topics
Community Discussion
No community discussion yet for this question.