[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] ECP Profile and PAOS Binding
> are ECP Profile and PAOS Binding intended to be used with Web Services - > where the ECP is a Web Service Consumer and the SP is a Web Service > Provider? Not really, no. It's not impossible to do it, but you're somewhat constrained to HTTP because of the profile language, and what you end up doing is sticking a SAML protocol exchange in the middle of your SOAP messages, which is a little odd. The more reasonable approach (and this works with a lot of non-HTTP profiles of SAML authentication) is to separate the SAML half from the SOAP half: 1. WSC gets SAML Assertion from IdP 2. WSC binds SAML Assertion to SOAP message with WSS-STP and sends to WSP Liberty WSF 2.0 profiles both halves, and includes a profile of SAML 2.0 for the first half using a SAML AuthnRequest over SOAP. In that way, it's similar to ECP but more suited to a SOAP application. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]