OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ebxml-msg] A question about authorisation

Hello Ian,

With a pull request there can be two separate WS-Security
headers,  one a regular one which can be X.509 based and a
separate one for authorization target to an "ebms"
actor/role (see section 7.10 in v3.0 Core).    So when you
propose a SAML token profile,  the question is if it is used
as an alternative for the regular WS-Security header and/or
this separate authorization header.

Pim

-----Original Message-----
From: ebxml-msg@lists.oasis-open.org
[mailto:ebxml-msg@lists.oasis-open.org] On Behalf Of Mr. Ian
Otto
Sent: 27 June 2013 09:19
To: ebxml-msg@lists.oasis-open.org
Subject: [ebxml-msg] A question about authorisation

At yesterday's TC meeting, I received the impression that
X.509 Certificates could not be used for Pull authorisation.
Is that correct?

Do you need a username/password for Pull authorisation?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]