OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Multiple AuthnStatements in Assertion

On 2/11/14, 1:10 AM, "Vasu Y" <vyal2k@yahoo.com> wrote:

> I am designing a service provider and i would like to know the likely
>scenarios in which an Assertion (authentication response from IDP) would
>return/contain multiple AuthnStatements?

SAML is a generic standard; what it permits is not specific to any one
profile or use case. Your use case may have no need for the concept.

That said, if you're supporting the Browser SSO profile, then there is no
limit to the number of statements allowed, which means you have no choice
but to handle that. I am not aware of any good explanation for what it
would be for or what it would mean. I expect many implementations are
buggy and ignore more than one.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]