[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Validation of SAML-tokens
Artifact profile requires a callback to IDP, but post profile does not. A signed SAML assertion delivered via post should enable any relying party (SP) to trust the identity asserted without any direct interaction whatsoever with the identity provider. -----Original Message----- From: Chad La Joie [mailto:chad.lajoie@switch.ch] Sent: Monday, December 15, 2008 7:54 AM To: saml-dev@lists.oasis-open.org Subject: Re: [saml-dev] Validation of SAML-tokens No mechanism that I've seen used requires you to go back to the IdP in order to validate a token. In fact, I'm pretty sure they were designed specifically to not require this. Krentz, Konrad-Felix wrote: > Hi, > > we are working on a Web Service gateway. It will have a support for SAML-tokens. So the SOAP-Request comes with a SAML-token, in order to authenticate users. > > Is it possible to validate SAML-tokens without connecting the identity provider? > > -thanks > > Konrad > > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > -- SWITCH Serving Swiss Universities -------------------------- Chad La Joie, Software Engineer, Net Services Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch --------------------------------------------------------------------- To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]