[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] SAML 1.1 Multiple Attribute Statement
> > In what scenario I should use multiple AttributeStatement? > > Avoid multiple <AttributeStatement> elements if possible, for the sake > of interoperability. This seems overly restrictive to me. I can easily see cases where attribute statements having different purposes are added to the same assertion and I don't see any reason why that would be wrong. For example, Liberty has defined the DiscoveryServiceEPR attribute which contains a WS-A EndpointReference for the discovery service. If the IdP also wanted to include other attributes about the user for a given SP (perhaps a "role" attribute), I see no reason to not include that as a separate attribute statement rather than trying to kludge things together into a single attribute statement. Conor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]