OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: schema 16 comments: autn assertion and attribute authority


Title: schema 16 comments: autn assertion and attribute authority

It's been pointed out by Shibboleth design that authentication authority can front
several attribute authorities. After authentication assertion is received how do we
know which attribute authority to use?

I would like to include atttribute authority location in authentication statement.

<complexType name="LocalityType">
        <attribute name="IPAddress" type="string" use="optional"/>
        <attribute name="DNSAddress" type="string" use="optional"/>
        <attribute name="ServicePort" type="unsignedShort" use=optional"/>
</complexType>

<element name="AuthenticationLocality" type="LocalityType"/>
<element name="AttributeLocality" type="LocalityType"/>

<complexType name="AuthenticationStatementType">
        <complexContent>
                <extension base="saml:SubjectStatementAbstractType">
                        <sequence>
                                <element ref="saml:AuthenticationLocality" minOccurs="0">
                                <element ref="saml:AttributeLocality" minOccurs="0"> --- this is new element
                        </sequence>
                        --- same as before ---
                </extension>
        </complexContent>
</complexType>

Simon Godik



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC