[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Question about evidences
Hi, I would like to konw what is the interest of evidences. Here is how I understand the specification : - a SAML client sends a request with an evidence inside the query, this evidence contains an assertion ID (assertion reference), - a SAML server get this assertion ID and retrieve the corresponding assertion without control about the assertion ID validity, then it returns the assertion in an evidence element inside the statement Is it correct ? In which case a SAML client can create a request with an evidence (with assertion ID) ? Where this assertion ID can come from ? The SAML schema allows giving an assertion instead of an assertion ID in the evidence on the query. In this case what does the server check ? Thanks in advance. Frederic Deleon
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]