[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Question about affiliationOwnerID
Hello, I'm trying to clarify SSO sequence and contents of <AuthnRequest> that use Affiliation. To begin with Metadata, should I set same value to affiliationOwnerID of <AffiliationDescriptor> with entityID of <EntityDescriptor> ? For example, when "http://ServiceProvider.com" is a member of affiliation "http://AffiliationA.com", is following metadata correct? <md:EntityDescriptor entityID="http://AffiliationA.com" validUntil="..." xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"> <!-- QUESTION 1: Is entityID same as affiliationOwnerID? --> <md:AffiliationDescriptor affiliationOwnerID="http://AffiliationA.com"> <md:AffiliateMember>http://ServiceProvider.com</md:AffiliateMember> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</md:KeyDescriptor> </md:AffiliationDescriptor> </md:EntityDescriptor> Thanks, -- Hideki
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]