[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Front-channel AttributeQuery Profile
Andreas, I am curious why you are using the front-channel approach - via the browser - is it to explicitly get the users consent? thanks, prateek > Hi, I'm considering whether it is reasonable to make an > Assertion/AttributeQuery profile that allows front-channel bindings... > > I'd like to exploit the possibility of implicitly referring to the > current user (as things are front-channel), and therefore I am abit > stucked because the AttributeQuery extends SubjectQueryAbstractType > (if I remember correctly), wher a Subject MUST be included. in the use > case I would like to solve, the SP and the AttributeAuthority does not > share a common reference to the current user... > > Would it be a good idea to omit the NameID, and use Subjectconf as > sender-vouces or bearer... Something like this? Better ideas > appreciated.... > > > <AttributeQuery xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:protocol > saml-schema-protocol-2.0.xsd" > xmlns="urn:oasis:names:tc:SAML:2.0:protocol" > xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" > ID="_d7607d551380ac97853a6ff4907c4ef01219be97dd" > Version="2.0" > IssueInstant="2008-05-27T07:46:06Z"> > <saml:Issuer>http://rnd.feide.no/sp</saml:Issuer> > <saml:Subject> > <saml:SubjectConfirmation > Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches" /> > </saml:Subject> > <saml:Attribute Name="urn:oid:2.16.840.1.113730.3.1.241" /> > </AttributeQuery>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]