OASIS Mailing List Archives

wss-comment message



Subject: Re: [wss-comment] Passing binary data in SAML Assertion Token


Hi Tony,

The SAML token profile defines how one uses one of two
SAML specified confirmation mechanisms (sender-vouches and holder of key)
to bind an assertion (containing one or more subject statements each
with embedded subject identifier) to a SOAP msg.

Said another way, the SAML token profile provides 2 mechanisms to identify
the "client" of a SOAP msg in a manner such that a msg receiver can authenticate
the binding of the assertion (and thus the subjects that it contains) to the msg.

Additional identifying attributes can also be conveyed within the SAML assertion,
but neither SAML nor the SAML token profile standardize specific attributes
to be included in assertions.

SAML defines the values that can be carried as the subject in subject statements.
 
Ron

Tony Opatha wrote:

> Is it possible to include binary data in an SAML Assertion token such that
> the token is used to identify a SOAP client by inclusion of the token in the
> SOAP Security Extension header i.e., <wss:security> element?
>  
> In the SAML spec it seems like there is a way to pass non-XML application
> data that may be processed by a receiving party's security service?
>  
> It is possible to include binary data in SAML token as part of <saml:Attribute>
> and would conforming WSS SOAP Security implementation accept a SAML
> token passed in the SOAP security header with binary token data included in
> the Assertion token containing AttributeStatement in binary form?
>  
> Any help will be appreciated.



