[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] Assertion and EncryptedAssertion
On 1/30/12 8:16 PM, David Yu wrote: > Dear SAML experts, > I have a question regarding Assertion and EncryptedAssertion. > I think I need either Assertion or EncryptedAssertion in the > SAMLResponse but not both for it to work. > Correct me if I am wrong. > However, I did not see in the document that a response can only have > exactly one Assertion or EncryptedAssertion. > Is it defined in the schema? Yes, it is defined. A SAML 2 ResponseType can contain 0 to unbounded Assertion and/or EncryptedAssertion elements. It is not limited to 1 and the multiple Assertions and EncryptedAssertions can appear in any order, since it's an unbounded choice. The schema snippet: > <element name="Response" type="samlp:ResponseType"/> > <complexType name="ResponseType"> > <complexContent> > <extension base="samlp:StatusResponseType"> > <choice minOccurs="0" maxOccurs="unbounded"> > <element ref="saml:Assertion"/> > <element ref="saml:EncryptedAssertion"/> > </choice> > </extension> > </complexContent> > </complexType>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]