[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: How to provide SAML assertions in RESTful services
In defining a RESTful AP to a healthcare service, that
really needs a SAML identity assertion to enable access controls on the
service-provider (RESTful service provider). When using SOAP, this is easily
done with WS-Security, but I am struggling with how to specify how a SAML
assertion would be carried to the relying-party on the RESTful request. The browser-sso-profile
doesn’t work well for non-browser transactions. Is there a recommendation
on how to do this? One solution that I have not yet researched is to use OAuth
as a wrapper. John Moehrke M +1 920 912 8451 John.Moehrke@med.ge.com productsecurity.gehealthcare.com Mail stop: WT-881 GE imagination at work |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]