[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: RE: [saml-dev] how service provider authenticate assertion
hello Scott Cantor, Thanks for your answer.I mean how to adjust the validity of SAML assertion. From the SAML standard,I only find that saml:condition need be authenticate.how about SAML authenticate assertion statement,how to authenticate it? define authenticate rule by myself ,parse xml text to make decision?the same to subject statement. I don't know how to deal with authenticate statement and saml:subject in SP.Does it relate to business requirement rule,not defined in saml standard. Best regards! Thank you very much! hui zhang ======= 2008-05-20 23:04:59 您在来信中写道:======= >> Identifier provider creates an assertion,then this assertion is >> transferred to service provider. >> how service provider authenticate whether this assertion is in >> effect?thanks! > >It's not in scope of the standard how you authenticate digital signatures or >certificates. Most people use some combination of SAML metadata, PKI >techniques, and various adaptations that make sense in their environment. > >-- Scott > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org >For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > >. = = = = = = = = = = = = = = = = = = = = 致 礼! 张慧 zhanghui_csu@126.com 2008-05-21
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]