OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] Validation of SAML-tokens



Scott Wiseman
Sr. Internet Marketing Consultant 
(310) 281-3360
http://www.optawise.com 
 There were 6.8 Billion Searches Last Month. Where were you?
. Web Design: Custom, Search Engine Friendly, & Search Engine Optimized. 
. Search Engine Optimization (SEO): On Site, Off Site, Content Creation, Link Building, Tracking,  & Complete Reporting using Google Analytics. 
. Pay-Per-Click (PPC): Fully Tracked, Managed, & Optimized. (phone calls, online sales, &  online lead submissions) 
. Social Media Strategy & Implementation: Viral Marketing, Email Campaigns, & Web 2.0 Technology. 
. Branding: Logo Design, Letter Head Creation, & Business Cards. 
. Complete Site Review & Analysis. 
. Competition Research & Analysis. 

Optimize with Optawise and see your sales grow!
http://www.nielsen-netratings.com/pr/pr_080118.pdf 


-----Original Message-----
From: michael.mccormick@wellsfargo.com [mailto:michael.mccormick@wellsfargo.com] 
Sent: Tuesday, December 16, 2008 3:10 PM
To: chad.lajoie@switch.ch; saml-dev@lists.oasis-open.org
Subject: RE: [saml-dev] Validation of SAML-tokens

Artifact profile requires a callback to IDP, but post profile does not.  A signed SAML assertion delivered via post should enable any relying party (SP) to trust the identity asserted without any direct interaction whatsoever with the identity provider.

-----Original Message-----
From: Chad La Joie [mailto:chad.lajoie@switch.ch] 
Sent: Monday, December 15, 2008 7:54 AM
To: saml-dev@lists.oasis-open.org
Subject: Re: [saml-dev] Validation of SAML-tokens

No mechanism that I've seen used requires you to go back to the IdP in order to validate a token.  In fact, I'm pretty sure they were designed specifically to not require this.

Krentz, Konrad-Felix wrote:
> Hi,
>  
> we are working on a Web Service gateway. It will have a support for SAML-tokens. So the SOAP-Request comes with a SAML-token, in order to authenticate users.
>  
> Is it possible to validate SAML-tokens without connecting the identity provider?
>  
> -thanks
>  
> Konrad
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
> 

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68 chad.lajoie@switch.ch, http://www.switch.ch


---------------------------------------------------------------------
To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: saml-dev-help@lists.oasis-open.org



---------------------------------------------------------------------
To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: saml-dev-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]