By [email protected] - 12/29/2014
Is it Required that the service providers be accessible on a https connection if the IDP can be accessed only on a https connection, if I have to avoid the https security warning below when going from idp to sp? This may not be directly related to component space but a question in general.
"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?"
I did some research and I see the following on the net: "You will get that warning if you go from a secure https connection to an insecure http connection and POST data entered in a form on a secure site is send to a http server.The warning tells you that you are sending data from a secure site to a non secure http url."
|