OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] NameID-less SAML Subject


> What is a use case for this type of SAML Subject?  Can someone give a
> real example of a SAML Subject without a name identifier?

Any deployment that doesn't require a message back to the IdP at some point
with the subject in it to reference the original is a candidate for not
including one to begin with. It's just an attribute, if you don't need it,
why use it?

Historically I think SAML 1.1 was wrong to require a NameIdentifier in the
browser profile. 2.0 probably has the same error, but in that case, you need
it for SingleLogout to work.

-- Scott




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]