OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] SAML 2.0 – Name Qualifier Question

On 1/8/07, i2ware i2ware <i2coder@gmail.com> wrote:
>
> TB adds some more additional attributes to what IDP provided. The trust
> relationship is between IDP and TB , TB and SP.

Your IdPs don't mind that you re-package and re-assert attributes for
which *they* are authoritative?  I sure wish that were true in my
world ;-)

> <saml:NameID
> Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
> NameQualifier="idp1.com" SPNameQualifier="sp1.com">uid=joe,o=
> idp1.com</saml:NameID>

Did you mean to put a DN in here?  A transient identifier is an opaque string...

Tom

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]