[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [saml-dev]
The browser profile supports transfer of arbitrary number of artifacts (not really, the URL line tends to get truncated after 1k+ in many situations). If there is a strong preference for two/n distinct artifacts in the demo, we can certainly revise the interop draft to reflect that. The use of a single artifact and assertion was intended as a simplification; if this is not the case, we should remove the constraint. - prateek >>-----Original Message----- >>From: Scott Cantor [mailto:cantor.2@osu.edu] >>Sent: Thursday, May 09, 2002 11:56 AM >>To: 'Bhavna Bhatnagar'; saml-dev@lists.oasis-open.org; >>afetterer@crosslogix.com >>Subject: RE: [saml-dev] >> >> >>> 3.Use the same SSO Assertion as received during the SSO, >>> which also holds the attribute statement as the Evidence, but then >>this >>> may have expired. We could keep the expiration range to be >>long enough >>so >>> that the assertion is alive for the whole round trip demo. >> >>FWIW, as a general issue outside of your interop event, I had presumed >>that if one wanted to include attributes with the SSO bundle, >>one would >>create a second assertion to contain the attribute statement, >>so that it >>could be made long lived (relatively) without affecting the SSO >>assertion. >> >>In the POST profile, this is simple, since the response can just carry >>both assertions at once. I guess with artifact, you'd send along two >>artifacts? It was a 1:1 artifact:assertion correspondence that was >>intended, I think. >> >>-- Scott >> >> >>---------------------------------------------------------------- >>To subscribe or unsubscribe from this elist use the subscription >>manager: <http://lists.oasis-open.org/ob/adm.pl> >>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC