[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Any work on WSDL for restricted SAML responder?
I'm wondering if anyone else out there has looked at composing WSDL that expresses a SAML responder that only accepts requests for a subset of the possible types of Statements. The use case I have is a service that only understands and responds to requests for AuthorizationDecisionStatements. So I want to indicate in the WSDL that the Query element should only contain AuthorizatoinDecisionQuery elements and the Response element will only contain AuthorizationDecisionStatements. This seems problematic since both of these element are encapsulated 2 or 3 levels below the Request and Response elements, so there is no easy way to indicate this in the WSDL Message elements. The only way I can think of would be to define new restricted versions of Request and Response, which sounds hideous. Am I missing something or does anyone else know of thoughts on this problem? Thanks, Von BTW, Yes I've seen Irving Reid's WSDL for a basic SAML responder and it looks good and I understand it could be used if all the parties know OOB that only Authorization* elements are to be used. http://lists.oasis-open.org/archives/security-services/200302/msg00008.html
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]