Suppose OpenIG is working as SP and OPENAM is working as IDP. user is authenticated through SPInitiatedSingleSignOn ,user is authenticated and logged into application. Now , If user navigates multiple links of protected application , all those request will come back to OPENIG , will be passed through OpenIG again and again ?? and userid/ name value will be checked in exchange again and again ??
Yes, OpenIG acts as a reverse proxy on front of the protected application.
That means that all the traffic for the protected application is intercepted by OpenIG.
As a consequence, for each request, there is a test that verifies that the user has been along the SAML authentication process (that’s done by verifying that attributes of the SAML assertion have been stored in the HTTP Session).