OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Assertion and EncryptedAssertion

On 1/30/12 8:16 PM, David Yu wrote:
> Dear SAML experts,
> I have a question regarding Assertion and EncryptedAssertion.
> I think I need either Assertion or EncryptedAssertion in the
> SAMLResponse but not both for it to work.
> Correct me if I am wrong.
> However, I did not see in the document that a response can only have
> exactly one Assertion or EncryptedAssertion.
> Is it defined in the schema?

Yes, it is defined. A SAML 2 ResponseType can contain 0 to unbounded
Assertion and/or EncryptedAssertion elements. It is not limited to 1 and
the multiple Assertions and EncryptedAssertions can appear in any order,
since it's an unbounded choice.

The schema snippet:

>    <element name="Response" type="samlp:ResponseType"/>
>     <complexType name="ResponseType">
>         <complexContent>
>             <extension base="samlp:StatusResponseType">
>                 <choice minOccurs="0" maxOccurs="unbounded">
>                     <element ref="saml:Assertion"/>
>                     <element ref="saml:EncryptedAssertion"/>
>                 </choice>
>             </extension>
>         </complexContent>
>     </complexType>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]