OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: SAML V2.0 Kerberos Attribute Profile Version 1.0


Hi,

 

I have a comment/query on SAML V2.0 Kerberos Attribute Profile Version 1.0

 

From 2.7 Examples section:

 

The SAML requester sends a request containing the user principal and service principal name to the SAML attribute authority asking for Kerberos AP-REQ message. How would SAML attribute authority get the TGT of the user principal and also the service ticket to construct the Kerberos AP-REQ that can be returned to SAML requester?

 

Will SAML attribute authority and SAML requester run on the same workstation which the user is using so that it can get hold of the user’s credentials?

I am new to SAML and would appreciate if anyone can let me know what typically the SAML requester and SAML attribute authority is?

 

Thanks,
Srini



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]