[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss-comment] recursive Security Token References
Anthony Nadalin wrote on 8/31/2005, 8:20 PM:
> Can you state your use case ? as there may be other ways to solve this.
We have a service that will be invoked which potentially returns several
security tokens which may or may not be the same token used in different
contexts. We want to use a carrier for the token because the recipient
of this message does not always need to understand the contents of the
security token (they would just relay it).
The situations we want to support include:
1. A general purpose security token carrier -- the Embedded STR works
for this.
2. A reference to that carrier when the same token is used for
multiple contexts -- based on our discussions here, that
apparantly is not allowed
3. An STR embedded in the token carrier -- the recipient of the
message would use the STR (rather than dereferencing it) in
subsequent outgoing messages. If we used STR for the token
carrier, this would result in an STR which contains an embedded
element which contains an STR. I can only imagine the reaction to
this structure here :-).
4. A reference to an external token not included in the message.
Thats a basic STR direct reference.
So the 2nd and I'm guessing the 3rd use cause heartaches here.
Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]