OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [saml-dev] multi-valued SAML attributes

On Thu, Nov 13, 2014 at 6:21 PM, Cantor, Scott <cantor.2@osu.edu> wrote:
> On 11/13/14, 11:18 PM, "Tom Scavo" <trscavo@internet2.edu> wrote:
>>Can two <saml:Attribute> elements with the same Name/NameFormat values
>>appear in a single <saml:AttributeStatement> element? (I would have
>>swore that was illegal.)
> I vaguely recalled text precluding it, but it doesn't exist, so it's
> legal, though not a terrific idea if you want a lot of code to work.

Ah, I found this in the section on attribute query:

"A single query MUST NOT contain two <saml:Attribute> elements with
the same Name and NameFormat values (that is, a given attribute MUST
be named only once in a query)."

Can we infer anything from that? (It's a stretch, I know.)

Actually, the original question stems from the use of the
<mdattr:EntityAttributes> extension. I really hate to see two
attributes with the same name in there but I don't seem to have a
normative leg to stand on (except the obscure reference above).


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]