[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML WSDL ?
> I can use the WSDL to describe the body of the SOAP message. > However, I don't think that Header messages like SAML are described. I seem to recall there was something about headers somewhere in the WSDL SOAP binding stuff, which I glanced at but don't actually know much about. > Other than a graphic/text description, how do I describe the > SAML header of my SOAP message ? I think you're looking at things like the profiles in ID-WSF that more or less presume certain header content based on the security mechanism in use, or WS-SecurityPolicy, which apparently doesn't go so far as to discuss assertion content. I think there's work emerging on the *type* of assertions to use (i.e. SubjectConfirmation requirements) as in ID-WSF but not much at all on the content, other than a few places in SAML metadata, which isn't really adapted so far to describing web service relying party requirements. I guess I would certainly see security requirements like this as totally unrelated to the logical definition of a service's application messages, though. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]