...
Anchor | ||||
---|---|---|---|---|
|
Submitted by: Paul Trevithick
...
(NOTE: Our references to the NIH website is hypothetical.)
Use Case: Unmodified Browser, First Visit
Preconditions
Alice:
- Wants to sign-in to the NIH site
- Has never been to this NIH site before
- Has an unmodified browser
- Is not logged in to any of her OpenIDs or SAML IdPs at the moment
...
- Is a SAML, OpenID, and IMI/InfoCard compatible RP
- Trusts these OpenIDs:
- Yahoo, AOL, Google
- Trusts these SAML IdPs:
- InCommon Federation (of which Ohio State is a member)
- Trusts these Infocards:
- Equifax, Citigroup, Wave Systems, Acxiom
Flow #1: Uses Google account
- Alice clicks on the login button (see Non-chrome Login Button)
- The popup window appears
- Alice clicks on Google
- The window (having been redirected) now displays the Google auth dialog box
- Alice authenticates to Google
- Alice agrees to share Google attributes with NIH
- Alice is now logged in to the NIH site
Flow #2: Same as #1 except using Ohio State account
Flow #3: Searches first, then logs in
- Alice clicks on the login button (see Non-chrome Login Button)
- Alice types in the search box for "Boston University" (a member of the InCommon Federation)
- ...the rest is like flow #2
Use Case: Browser Add-on, First Visit
Preconditions
Alice:
- Wants to sign-in to the NIH site
- Has never been to this NIH site before
- Already has a multi-protocol browser add-on (aka selector, smart client, etc.)
- Has configured her add-on with:
- OpenID: Yahoo, AOL, Google, Facebook
- SAML: Ohio State
- Infocard: Equifax Identity Card, PayPal
- Is not logged in to any of her OpenIDs or SAML IdPs at the moment
- Has not defined a "default" OpenID, SAML or InfoCard
...