OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

amqp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] (AMQP-107) Clarifying definition for Token Name (audience)?

    [ https://issues.oasis-open.org/browse/AMQP-107?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=66066#comment-66066 ] 

Rob Godfrey commented on AMQP-107:

I'm not sure that I consider this trivial - unless there is a way a client library can know when/how to retrieve a token and how it must then be "named" then it means that the use of this mechanism is always going to be very closely tied to the particular implementation of your vendor and needs to be coded at the application (rather than the library) level.

I admit that I had missed the implications of this previously, thinking that "name" had no semantic meaning, but was simply an identifier, and that the content of the token would be sufficient to extract the implied audience.

> Clarifying definition for Token Name (audience)?
> ------------------------------------------------
>                 Key: AMQP-107
>                 URL: https://issues.oasis-open.org/browse/AMQP-107
>             Project: OASIS Advanced Message Queuing Protocol (AMQP) TC
>          Issue Type: Improvement
>          Components: Claims Based Security
>    Affects Versions: cbs-WD03
>            Reporter: Brian Raymor
>            Assignee: Brian Raymor
>            Priority: Trivial
>             Fix For: cbs-WD04
> The definition has not been updated from WD2. For put-token and delete-token, the token name is defined as:
>   The “audience” to which the token applies.
> Is there a more concrete, precise definition?

This message was sent by Atlassian JIRA

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]