[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [security-services-comment] profiles and bindings.
Hello Kenny, SAML bindings describe underlying mechanisms for how to transport SAML *protocol* (request/response) messages around. Thus, the SOAP binding explains how to communicate with a SAML-authority-as-SOAP-web-service. SAML profiles define templates for accomplishing some specific task using SAML *assertions*. Now, in the course of following the template, you may sometimes be in the position of communicating with a SAML authority by sending it requests and getting responses, and so this means that, embedded within each profile, there may be some instances of protocol binding usage. But sending an assertion by HTTP doesn't constitute a use of SAML's protocol. I suppose each profile could be said to be a whole new protocol all by itself, but we didn't go there... SAML profiles are a lot more complicated, and are on a different application level, than the basic SAML request/response protocol. Clear as mud? :-) Eve Kenny Yarmosh wrote: > Deer OASIS: > > I am a student and was recently doing some reading on SAML. I have read the > documentation but ideas related to profiles and bindings still are not > entirely clear to me. I understand that the binding is the means in which > the request/response assertion is transported but it seems to me that the > profile does somewhat the same thing. As defined, the profile states how a > SAML assertion is inserted or extracted from a message or protocol (that > makes sense). My confusion comes, however, because it seems in the case of > the SSO profile (through a Web browser) that first of all we are not using > the SOAP binding and that this actually defines another means for an > assertion to be transported (which would seem to indicate an additionally > binding via solely HTTP). Any info would be greatly appreciated. > > Sincerely, > > Kenny Yarmosh -- Eve Maler +1 781 442 3190 Sun Microsystems cell +1 781 354 9441 Web Technologies and Standards eve.maler @ sun.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC