[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] A question about authorisation
Hello Ian, With a pull request there can be two separate WS-Security headers, one a regular one which can be X.509 based and a separate one for authorization target to an "ebms" actor/role (see section 7.10 in v3.0 Core). So when you propose a SAML token profile, the question is if it is used as an alternative for the regular WS-Security header and/or this separate authorization header. Pim -----Original Message----- From: ebxml-msg@lists.oasis-open.org [mailto:ebxml-msg@lists.oasis-open.org] On Behalf Of Mr. Ian Otto Sent: 27 June 2013 09:19 To: ebxml-msg@lists.oasis-open.org Subject: [ebxml-msg] A question about authorisation At yesterday's TC meeting, I received the impression that X.509 Certificates could not be used for Pull authorisation. Is that correct? Do you need a username/password for Pull authorisation?
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]