[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [saml-dev] Front-channel AttributeQuery Profile
> I'd like to exploit the possibility of implicitly referring > to the current user (as things are front-channel), and > therefore I am abit stucked because the AttributeQuery > extends SubjectQueryAbstractType (if I remember correctly), > wher a Subject MUST be included. IIRC, the response assertion must strongly match the requested subject as well. > Would it be a good idea to omit the NameID, and use > Subjectconf as sender-vouces or bearer... Something like > this? Better ideas appreciated.... How about defining a new NameID which takes no value, but whose presence in the request indicates that the SAML Issuer must return a statement within the assertion which takes a value that names the subject of the enveloping assertion. It's fairly ugly, but... josh. JANET(UK) is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]