[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: RE: [saml-dev] how service provider authenticate assertion
hello Scott Cantor,
Thanks for your answer.I mean how to adjust the validity of SAML assertion.
From the SAML standard,I only find that saml:condition need be authenticate.how about SAML authenticate assertion statement,how to authenticate it? define authenticate rule by myself ,parse xml text to make decision?the same to subject statement.
I don't know how to deal with authenticate statement and saml:subject in SP.Does it relate to business requirement rule,not defined in saml standard.
Best regards!
Thank you very much!
hui zhang
======= 2008-05-20 23:04:59 您在来信中写道:=======
>> Identifier provider creates an assertion,then this assertion is
>> transferred to service provider.
>> how service provider authenticate whether this assertion is in
>> effect?thanks!
>
>It's not in scope of the standard how you authenticate digital signatures or
>certificates. Most people use some combination of SAML metadata, PKI
>techniques, and various adaptations that make sense in their environment.
>
>-- Scott
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
>For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
>
>.
= = = = = = = = = = = = = = = = = = = =
致
礼!
张慧
zhanghui_csu@126.com
2008-05-21
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]