Which of the following is true about an unauthenticated SAMLv2 transaction?
A.
The browser asks the SP for a resource. The SP provides the browser with an XHTML format.
The browser asks the IdP to validate the user, and then provides the XHTML back to the SP for
access.
B.
The browser asks the IdP for a resource. The IdP provides the browser with an XHTML format.
The browser asks the SP to validate the user, and then provides the XHTML to the IdP for access.
C.
The browser asks the IdP to validate the user. The IdP sends an XHTML form to the SP and a
cookie to the browser. The browser asks for a resource to the SP, which verifies the cookie and
XHTML format for access.
D.
The browser asks the SP to validate the user. The SP sends an XHTML form to the IdP. The
IdP provides the XHTML form back to the SP, and then the browser asks the SP for a resource.