[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [saml-dev] Hi, please help on this question about SAML
Hi, guys I'm new to SAML, so, please help on the following questions. Thanks! A. Questions about Figure 1 in "Asserstions and Protocol for SAML, Committee Specification 01, 31 May 2002". 1. There's 3 policy repositories listed at the top of the figure. Are they all XACML policy repositories? Or only the one for 'Policy Decision Point' is of XACML, because XACML represents authorization and entitlement policies, not for authentication and attribute (access) policies? 2. What do the dashed arrows mean? "Authentication Assertion" can be input for "Attribute Authority" to make "Attribute Assertion"? B. Question about Binding and Profile: 1. What's the relationship and difference between Binding and Profile, for example, SOAP Binding and SOAP Profile? The definitions sound good, but when applying to SOAP Binding and SOAP Profile, I'm confused. C. Question about Authentication Request: 1. What message should be used when raising an Authentication Request? Authentication Query seems to query the authentication acts already performed. D. Question about the data model which SAML applied to: 1. The 'subject', 'resource', 'action', etc are all be described with anyURI. The the participants in the SAML usage should describe their subjects, resources, actions, and other data models using URI like format, right? For example, an XML file describing the data model of their IT system. And they should agree on this, right? Why not define a meta-model for these data model? Thanks a lot! Best Regards, Yang Shunxiang, 杨顺祥 IBM China Research Lab 4F, HaoHai, #7, 5th Street, Shangdi, BEIJING, 100085, CHINA TEL: 86-10-62986677 ext. 545 FAX: 86-10-82899634 E-mail: yangsx@cn.ibm.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC