[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] On allowing multiple value types for an attribute
I think he is referring to section 3.3.4 which says the response to any of the Query requests must contain a subject which matches the subject in the query. I don't see any practical way to do an attribute query without specifying an identifier element. Otherwise whose attributes should be returned? Hal > -----Original Message----- > From: Cantor, Scott [mailto:cantor.2@osu.edu] > Sent: Wednesday, November 26, 2014 10:25 AM > To: Mohammad Jafari; security-services@lists.oasis-open.org > Cc: Hal Lockhart > Subject: Re: [security-services] On allowing multiple value types for > an attribute > > On 11/26/14, 3:19 AM, "Mohammad Jafari" <mjafari@edmondsci.com> wrote: > >I checked the specs and it seems that although saml:Subject is > >optional, it is mandatory when saml:AttributeStatement is present. > > In what specs? Certainly not in SAML 2.0, unless I'm misremembering. > Even where Subject might be present, NameID is always optional anyway. > > -- Scott >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]