saml-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [saml-dev] Query source
- From: Bhavna Bhatnagar <Bhavna.Bhatnagar@Sun.COM>
- To: "saml-dev@lists.oasis-open.org" <saml-dev@lists.oasis-open.org>
- Date: Wed, 31 Jul 2002 10:16:05 -0700
Hi All,
Have been having some diffcultty figuring out the source of the query
when it come to the SOAP
Receiver, one which receives the assertionID/AssertionArtifact/Authentication/AuthzDecision/Attribute
Query.
In order to serve the query the SOAP Receiver must know who the source
of the query is in order to establish
trust and secondly needs a proof of authentication to be there
in the query before it can be served.
The current Query schema does not have explicit place for these pieces
of information. How is everyone
of you doing this ?
When one gets a request one can maximum ascertain the IP address of
the requestor from the HttpRequest,
so would one have to keep a list of all valid IP addreses of all vendors
and then based on which IP the request
comes from establish what the source was ? Seems highly complicated.
Also where is the authentication proof
going to be in the query ? Any other thoughts out there ?
Thanks
Bhavna
--
________________________________________________________________________
Bhavna Bhatnagar Sun Microsystems Inc.
Identity Management group __o
Tel: 408-276-3591 _`\<,_
(*)/ (*)
________________________________________________________________________
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC