[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] One token per endpoint-address?
Christian Mielke wrote: > In this case, I want to use SAML only for simple > AuthenticationStatements. I use them as endorsed supporting tokens. > So for me it would be the best when a client gets a token and can use > for every web-service on the server. Well, as I mentioned before. This may not be up to you. A token issuer may explicitly indicate to whom the token may be sent. If it does, then that's it. There isn't anything you can do. > Problem is the WCF implementation of Microsoft which calls the STS > for each web-service, means a generated WCF client requests for each > service a token (AppliesTo in the request). This is pretty common and not terribly surprising. -- SWITCH Serving Swiss Universities -------------------------- Chad La Joie, Software Engineer, Security Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]