OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: AttributeQuery with Redirect binding


I'm trying to implement a SAML message exchange for (amongst others) attributes. For this, I want to use the Redirect-binding and the AttributeQuery message type. However, I can't seem to find the element that is used for this message type to indicate the location to which the response message must be returned.

For the AuthnRequest message, the element that serves this purpose is AssertionConsumerServiceURL. However, this is only described as part of the AuthnRequest message and not for the RequestAbstractType supertype of AttributeQuery.

Does SAML support AttributeQuery messages to be sent in a Redirect-binding? If so, how can you indicate the location to which the response must be returned in this situation? If not, is there a solution that is generally accepted to handle this situation?

I've thought of using the Issuer element to indicate the response location but the standard indicates it should identify the entity that *generated* the request message, which is not the entity to which the response should be returned in my case.

I've looked into the standard but cannot find any mention of how to query for attributes in a Redirect-binding. Also, I am aware that the redirect-binding has its constraints with regard to the size of the request. I would, however, like to know if it is currently supported in any way.

Thanks in advance,


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]