OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] Common fields/attributes in Auth Response and Assertion

On 4/7/14, 1:38 PM, "Vasu Y" <vyal2k@yahoo.com> wrote:

>What is the intent of some the fields like Destination, InResponseTo,
>Issuer, IssueInstant, Version being present in both the SAML
>authentication Response as well as in the contained Assertion (like
>Receipient, InResponseTo in bearer SubjectConfirmationData, Issuer in
>both the Response and Assertion)?

So that signing the assertion is sufficient to secure the profile.

>Will the values of these common fields be always same (between Response &
>Assertion) or can they be different sometimes? If for instance, what
>could be a likely case, when the value of Destination in Response and the
>value of Recipient in SubjectConfirmationData
> be different?

That depends on the profile.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]