[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Use of SecurityTokenReference with SAML2
In the samlTokenProfile doc, we have the following example : <wsse:SecurityTokenReference xmlns:wsse="..." xmlns:wsu="..." xmlns:wsse11="..." wsu:Id="..." wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-tokenprofile-1.1#SAMLV2.0"> <wsse:Reference wsu:Id="..." URI="https://saml.example.edu/assertion-authority?ID=abcde"> </wsse:Reference> </wsse:SecurityTokenReference> If I understand well, if I receive such a reference, I'm supposed to send a message to the URL "https://saml.example.edu/assertion-authority?ID=abcde" to get the corresponding assertion. But looking at SAML2 specification, I see that to ask for an assertion with it's ID, we must use an AssertionIDRequest and send it with SOAP binding !!! So how are we supposed to handle this ? Valérie
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]