OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: step-up authentication

I'm writing a deployment profile for step-up authentication where an
SP sends the following AuthnRequest to the IdP:

<samlp:AuthnRequest ...>
   <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">
 <samlp:NameIDPolicy AllowCreate="false"/>

As a result, the IdP authenticates the given Subject according to the
RequestedAuthnContext and then issues an assertion with a "strongly
matching" Subject and a matching AuthnContext.

Is this a reasonable profile of the elements of SAML Core? Assuming
that's the case, does anyone know of a product that implements this
profile (or something like it)?



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]