[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Issuer and webSSO profile.
> It is not clear though which element in the NameIDType is a MUST: > > NAmeQualifier/SPNameQualifier/SPProvidedID. That's not a profile issue, it's up to the Format of the NameID in use. Only persistent and transient even address the qualifiers, otherwise they are unused. > From what is written on line 473-475 of the Core > "NameQualifier and SPNameQualifier SHOULD be omitted." I > assume that the only MUST element is SPProvidedID. That is not a MUST unless the NameID in question has one set. > NOTE: Also I noticed that <Issuer> is also used in the > AuthResponse / Assertion and even if now the issuer is an > IDP the element in the <Issuer> tag is still > "SP"NameQualifier or "SP"ProvidedID. There is no such requirement, those attributes are NameID-related, they have nothing to do with the Issuer. If the qualifiers happen to match existing fields, that's coincidental. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]