OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [saml-dev] Multiple AuthnStatements in Assertion


What are some use cases where multiple AuthnStatements are sent, and
what are some examples of how Service Providers handle them?

On Tue, Feb 11, 2014 at 2:30 PM, Cantor, Scott <cantor.2@osu.edu> wrote:
> On 2/11/14, 1:10 AM, "Vasu Y" <vyal2k@yahoo.com> wrote:
>
>>Hi,
>> I am designing a service provider and i would like to know the likely
>>scenarios in which an Assertion (authentication response from IDP) would
>>return/contain multiple AuthnStatements?
>
> SAML is a generic standard; what it permits is not specific to any one
> profile or use case. Your use case may have no need for the concept.
>
> That said, if you're supporting the Browser SSO profile, then there is no
> limit to the number of statements allowed, which means you have no choice
> but to handle that. I am not aware of any good explanation for what it
> would be for or what it would mean. I expect many implementations are
> buggy and ignore more than one.
>
> -- Scott
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: saml-dev-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail: saml-dev-help@lists.oasis-open.org
>

-- 
CONFIDENTIALITY NOTICE: The information contained in this electronic 
transmission may be confidential. If you are not an intended recipient, be 
aware that any disclosure, copying, distribution or use of the information 
contained in this transmission is prohibited and may be unlawful. If you 
have received this transmission in error, please notify us by email reply 
and then erase it from your computer system.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]