[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: RE: [saml-dev] how service provider authenticate assertion
2008/5/20 ÕÅ»Û <zhanghui_csu@126.com>: > > From the SAML standard,I only find that saml:condition need be authenticate.how about SAML authenticate assertion statement,how to authenticate it? define authenticate rule by myself ,parse xml text to make decision?the same to subject statement. So it seems you're using the word "authenticate" inappropriately. (I realize English is a second language here and you're trying to articulate the question the best you can.) Perhaps the word you want to use is "validate." You want to validate the SAML assertion, correct? If so, the SAML Core spec is pretty clear on that (see section 2.5). > I don't know how to deal with authenticate statement and saml:subject in SP.Does it relate to business requirement rule,not defined in saml standard. Once the assertion has been determined to be valid, the rest of the assertion content is taken as is. Of course the relying party will apply local policy before taking any action based on the assertion content. As you've guessed, policy is not defined in the SAML standard. Hope that helps, Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]