[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Validation of SAML-tokens
Scott Wiseman Sr. Internet Marketing Consultant (310) 281-3360 http://www.optawise.com There were 6.8 Billion Searches Last Month. Where were you? . Web Design: Custom, Search Engine Friendly, & Search Engine Optimized. . Search Engine Optimization (SEO): On Site, Off Site, Content Creation, Link Building, Tracking, & Complete Reporting using Google Analytics. . Pay-Per-Click (PPC): Fully Tracked, Managed, & Optimized. (phone calls, online sales, & online lead submissions) . Social Media Strategy & Implementation: Viral Marketing, Email Campaigns, & Web 2.0 Technology. . Branding: Logo Design, Letter Head Creation, & Business Cards. . Complete Site Review & Analysis. . Competition Research & Analysis. Optimize with Optawise and see your sales grow! http://www.nielsen-netratings.com/pr/pr_080118.pdf -----Original Message----- From: michael.mccormick@wellsfargo.com [mailto:michael.mccormick@wellsfargo.com] Sent: Tuesday, December 16, 2008 3:10 PM To: chad.lajoie@switch.ch; saml-dev@lists.oasis-open.org Subject: RE: [saml-dev] Validation of SAML-tokens Artifact profile requires a callback to IDP, but post profile does not. A signed SAML assertion delivered via post should enable any relying party (SP) to trust the identity asserted without any direct interaction whatsoever with the identity provider. -----Original Message----- From: Chad La Joie [mailto:chad.lajoie@switch.ch] Sent: Monday, December 15, 2008 7:54 AM To: saml-dev@lists.oasis-open.org Subject: Re: [saml-dev] Validation of SAML-tokens No mechanism that I've seen used requires you to go back to the IdP in order to validate a token. In fact, I'm pretty sure they were designed specifically to not require this. Krentz, Konrad-Felix wrote: > Hi, > > we are working on a Web Service gateway. It will have a support for SAML-tokens. So the SOAP-Request comes with a SAML-token, in order to authenticate users. > > Is it possible to validate SAML-tokens without connecting the identity provider? > > -thanks > > Konrad > > --------------------------------------------------------------------- > To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org > For additional commands, e-mail: saml-dev-help@lists.oasis-open.org > -- SWITCH Serving Swiss Universities -------------------------- Chad La Joie, Software Engineer, Net Services Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch --------------------------------------------------------------------- To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org For additional commands, e-mail: saml-dev-help@lists.oasis-open.org --------------------------------------------------------------------- To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]