OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [saml-dev] One token per endpoint-address?



Christian Mielke wrote:
> In this case, I want to use SAML only for simple
> AuthenticationStatements. I use them as endorsed supporting tokens.
> So for me it would be the best when a client gets a token and can use
> for every web-service on the server.

Well, as I mentioned before.  This may not be up to you.  A token issuer 
may explicitly indicate to whom the token may be sent.  If it does, then 
that's it.  There isn't anything you can do.

> Problem is the WCF implementation of Microsoft which calls the STS
> for each web-service, means a generated WCF client requests for each
> service a token (AppliesTo in the request).

This is pretty common and not terribly surprising.

-- 
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad.lajoie@switch.ch, http://www.switch.ch



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]