wss-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: SAML token profile question
- From: "Pim van der Eijk" <lists@sonnenglanz.net>
- To: <wss-dev@lists.oasis-open.org>
- Date: Wed, 29 May 2013 13:34:33 +0200
Hello,
The WSS SAML token
profile is defined in:
Section 3.5.2 of the profiles describes the sender-vouches
method of establishing the correspondence between a SOAP message and the SAML
assertions added to the SOAP message according to the SAML profile of WSS: SOAP
Message Security. An attesting entity uses the sender-vouches confirmation
method to assert that it is acting on behalf of the subject of SAML statements
attributed with a sender-vouches SubjectConfirmation
element.
Section 3.5.2.3
provides an example SOAP message using this profile using SAML 1.1 using
this subject conformation method.
Line 823-825 in the
example are:
<saml:ConfirmationMethod>
urn:oasis:names:tc:SAML:1.0:cm:holder-of-key
</saml:ConfirmationMethod>
I had expected an
example with a sender vouches confirmation method:
<saml:ConfirmationMethod>
urn:oasis:names:tc:SAML:2.0:cm:sendervouches
</saml:ConfirmationMethod>
What am I missing
?
Pim van der
Eijk
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]