[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] attributeexchange: where to add the receiver
Chris - This is indeed a very good question. The general question is how do SAML "consumers" and "producers" (in your example, the attribute consumer and the identity provider respectively) know about various service end points and other "metadata". This is subject of SAML 2.0 Metadata specification, which is currently in draft form. This draft specification allows the attribute consumer to specify one or more URLs at which it can consumer the attributes (there is also provisions for designating one of the URLs as default). If you are interested, you can review the draft at http://www.oasis-open.org/apps/org/workgroup/security/download.php/6169/sstc -saml-metadata-2.0-draft-02.pdf. Please note: this is a draft and represents work in progress. Also note that metadata exchanged is independent of the SAML queries and responses (preferably, metadata is exchanged prior to the query/response communication and also exchanged much less frequently than regular SAML query/response messages). Jahan ------ Jahan Moreh Chief Security Architect 310.288.2141 -----Original Message----- From: Christoph Riesenberger [mailto:christoph.riesenberger@aon.at] Sent: Wednesday, March 31, 2004 5:15 AM To: saml-dev@lists.oasis-open.org Subject: [saml-dev] attributeexchange: where to add the receiver Hi, I am working on an attribute exchange of 2 providers about a user. The "serviceprovider" sends an attributequery to the "identityprovider". The identityprovider checks, if the serviceprovider is allowed to get the attributes and sends back an attributestatement. But how does he know where to send it back, if there is no providerid oder url of the serviceprovider intended in an attributequery? Is there a way where to add this information in a SAML query? Thanks, Chris -- PGP Fingerprint: 633B 47E1 B4AE 6184 2C83 E3DA B800 7BDD 038C 9060 To unsubscribe from this list, send a post to saml-dev-unsubscribe@lists.oasis-open.org, or visit http://www.oasis-open.org/mlmanage/.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]