[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Seeking a high-level understanding of the Name Identifier Mapping Protocol
> Well, Entity A doesn't know anyone by this name, so Entity A > sends a NameIDMappingRequest to IdP, "Hey, what other names > does technowhiz@hotmail.com <mailto:technowhiz@hotmail.com> > have?" Here's how that is generally expressed in XML: That's not the question that a NameIDMappingRequest asks. It's not "what other names", it's "give me the name with these properties...". > Question #1: does this scenario accurately capture the > purpose and mechanism of the Name Identifier Mapping Protocol? No. See above. It's mainly for cross-walking federated/persistent IDs across namespaces. Usually the Format is just "persistent" and the SPNameQualifier is the varying factor. Liberty itself isn't even using it now. The need for batch requests and more freedom in the representation led to a new Identity Mapping protocol in WSF 2.0. > Question #2: suppose the principle goes by more than two > names; how does IdP reply with all the names? It doesn't, that's not the point of the protocol. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]