
saml-dev message



Subject: Re: [saml-dev] attributeexchange: where to add the receiver


Hi Chris;

> I am working on an attribute exchange of 2 providers about a user. The
> "serviceprovider" sends an attributequery to the "identityprovider".
> The identityprovider checks if the serviceprovider is allowed to get the
> attributes and sends back an attributestatement. But how does he know where
> to send it back, if there is no providerid or url of the serviceprovider
> intended in an attributequery?

Assuming that this message exchange is done across the SOAP over HTTP
binding of SAML, could you not just respond to the serviceprovider's HTTP
request (containing the SAML Request) with an HTTP response (containing the
SAML Response)?

If that isn't an option, could you associate a SAML consumer URL (or
whatever address scheme fits with your message transport) with each
serviceprovider authenticated identity?  In other words, once a
serviceprovider authenticates with the identityprovider, the
identityprovider queries a database for the appropriate SAML consumer
address for that serviceprovider.

HTH,
jim christopher
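
Added example, not part of the original message and not code from any SAML implementation: a sketch of the identity provider's decision described in this reply, where the response destination is either the requester's own HTTP connection or an address looked up by the authenticated identity, never a value taken from the query. The registry contents, function and class names, and the idea that the identity comes from transport authentication are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed registry: what the identity provider knows about each service
# provider, keyed by the identity proven at authentication (assumed here to
# be something like a TLS client certificate subject). Hypothetical values.
SP_REGISTRY = {
    "sp.example.org": {
        "consumer_url": "https://sp.example.org/saml/consumer",
        "allowed_attributes": {"mail", "displayName"},
    },
}

# Marker meaning "put the SAML Response in the HTTP response to this request".
SYNC_REPLY = "reply-on-same-http-connection"


@dataclass
class Delivery:
    destination: str   # SYNC_REPLY or the registered consumer address
    attributes: dict   # attributes actually released


class QueryRejected(Exception):
    """The query came from an unknown provider or asked for nothing releasable."""


def answer_attribute_query(authenticated_sp, requested, user_attrs,
                           soap_over_http=True):
    """Decide what to release and where to send it for one attribute query."""
    entry = SP_REGISTRY.get(authenticated_sp)
    if entry is None:
        raise QueryRejected(f"unknown service provider: {authenticated_sp!r}")

    # Release only attributes this provider is allowed to get.
    released = {name: user_attrs[name] for name in requested
                if name in entry["allowed_attributes"] and name in user_attrs}
    if not released:
        raise QueryRejected("no requested attribute may be released")

    if soap_over_http:
        # SOAP over HTTP: the answer travels back on the requester's connection.
        return Delivery(SYNC_REPLY, released)

    # Other transports: the address comes from the registry entry of the
    # authenticated identity, not from anything inside the query itself.
    return Delivery(entry["consumer_url"], released)
```

Because the destination is derived only from the authenticated identity, a query that names some other return address has no effect on where the attribute statement goes.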



