OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: How to provide SAML assertions in RESTful services

In defining a RESTful AP to a healthcare service, that really needs a SAML identity assertion to enable access controls on the service-provider (RESTful service provider). When using SOAP, this is easily done with WS-Security, but I am struggling with how to specify how a SAML assertion would be carried to the relying-party on the RESTful request. The browser-sso-profile doesn’t work well for non-browser transactions. Is there a recommendation on how to do this?


One solution that I have not yet researched is to use OAuth as a wrapper.



John Moehrke
Principal Engineer: Interoperability and Security
GE Healthcare


M +1 920 912 8451




3200 N. Grandview Blvd

Mail stop:  WT-881

Waukesha, WI  53188


GE imagination at work


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]