
saml-dev message



Subject: RE: [saml-dev] attributeexchange: where to add the receiver


Chris -
This is indeed a very good question. The general question is how do SAML
"consumers" and "producers" (in your example, the attribute consumer and the
identity provider respectively) know about various service end points and
other "metadata". This is subject of SAML 2.0 Metadata specification, which
is currently in draft form. This draft specification allows the attribute
consumer to specify one or more URLs at which it can consumer the attributes
(there is also provisions for designating one of the URLs as default). If
you are interested, you can review the draft at
http://www.oasis-open.org/apps/org/workgroup/security/download.php/6169/sstc
-saml-metadata-2.0-draft-02.pdf. Please note: this is a draft and represents
work in progress.

Also note that metadata exchanged is independent of the SAML queries and
responses (preferably, metadata is exchanged prior to the query/response
communication and also exchanged much less frequently than regular SAML
query/response messages).

Jahan



------
Jahan Moreh
Chief Security Architect
310.288.2141

-----Original Message-----
From: Christoph Riesenberger [mailto:christoph.riesenberger@aon.at]
Sent: Wednesday, March 31, 2004 5:15 AM
To: saml-dev@lists.oasis-open.org
Subject: [saml-dev] attributeexchange: where to add the receiver


Hi,

I am working on an attribute exchange of 2 providers about a user. The
"serviceprovider" sends an attributequery to the "identityprovider".
The identityprovider checks if the serviceprovider is allowed to get the
attributes and sends back an attributestatement. But how does he know where
to send it back, if there is no providerid or url of the serviceprovider
intended in an attributequery?

Is there a way to add this information in a SAML query?

Thanks,
Chris
--
PGP Fingerprint: 633B 47E1 B4AE 6184 2C83  E3DA B800 7BDD 038C 9060
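
An added illustration of the metadata approach described in the reply above (not part of the original thread and not OASIS code): the responder resolves the return URL from metadata exchanged beforehand, keyed by the requester's identifier, and refuses any URL that is not registered. The element and attribute names follow the published SAML 2.0 Metadata schema, which is an assumption relative to the draft linked above; the entity ID and URLs are constructed.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed sample metadata for a hypothetical requester; not from the thread.
SAMPLE_METADATA = """\
<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
  <md:EntityDescriptor entityID="https://sp.example.org/saml">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:AssertionConsumerService index="0" isDefault="false"
          Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
          Location="https://sp.example.org/acs/legacy"/>
      <md:AssertionConsumerService index="1" isDefault="true"
          Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
          Location="https://sp.example.org/acs"/>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>
"""

def load_endpoints(metadata_xml):
    """Map entityID -> [(Location, isDefault or None)] in document order."""
    # Assumes the metadata came from a trusted, pre-exchanged source;
    # verifying its signature is out of scope for this sketch.
    root = ET.fromstring(metadata_xml)
    table = {}
    for entity in root.iter(MD + "EntityDescriptor"):
        eps = []
        for acs in entity.iter(MD + "AssertionConsumerService"):
            flag = acs.get("isDefault")
            eps.append((acs.get("Location"), None if flag is None else flag in ("true", "1")))
        table[entity.get("entityID")] = eps
    return table

def response_url(table, requester_id, claimed_url=None):
    """Pick the response URL from registered endpoints only."""
    eps = table.get(requester_id)
    if not eps:
        raise LookupError("no metadata for requester %r" % requester_id)
    if claimed_url is not None:
        if claimed_url not in [loc for loc, _ in eps]:
            raise ValueError("URL is not registered for this requester")
        return claimed_url
    for loc, flag in eps:      # 1) endpoint explicitly marked as default
        if flag is True:
            return loc
    for loc, flag in eps:      # 2) first endpoint not marked non-default
        if flag is None:
            return loc
    return eps[0][0]           # 3) otherwise the first endpoint listed
```

Because the lookup is driven by the authenticated requester identifier, a URL supplied inside a request can only select among endpoints the requester registered in advance.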

