[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Question about evidences
Please see inline...
DELEON Frederic wrote:
Hi,As far as I understand the assertion returned is a new one containing an AuthZ statement .I would like to konw what is the interest of evidences.
Here is how I understand the specification :
- a SAML client sends a request with an evidence inside the query,
this evidence contains an assertion ID (assertion reference),
- a SAML server get this assertion ID and retrieve the corresponding
assertion without control about the assertion ID validity, then it
returns the assertion in an evidence element inside the statement
as stated above, this was obtained in a prior act of authentication either viaIs it correct ?
In which case a SAML client can create a request with an evidence (with
assertion ID) ? Where this assertion ID can come from ?
The SAML schema allows giving an assertion instead of an assertion ID in
the evidence on the query. In this case what does the server check ?Thanks in advance.
Frederic Deleon
To unsubscribe from this list, send a post to saml-dev-unsubscribe@lists.oasis-open.org, or visit http://www.oasis-open.org/mlmanage/.
-- ________________________________________________________________________ Bhavna Bhatnagar Sun Microsystems Inc. Identity Management group __o Tel: 408-276-3591 _`\<,_ (*)/ (*) ________________________________________________________________________
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]