OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] Proposed text for query semantics

Section 3.5.5 Responses to <AuthenticationQuery> and <AttributeQuery> 
 
Responses to Authentication and Attribute queries are constructed by
matching against
the <saml:Subject> element found within the <AuthenticationQuery> or
<AttributeQuery> elements. In response to these queries, every assertion
returned by a SAML responder MUST contain at least one statement whose
<saml:Subject> element 
<em>strongly matches</em> the <saml:Subject> element found in the query. 
 
A <saml:Subject> element S1 strongly matches S2 iff:
 
(1) If S2 includes a <saml:NameIdentifier> element, then S1 must include an
identical <saml:NameIdentifier> element.
 
(2) If S2 includes a <saml:SubjectConfirmation> element, then S1 must
include an identical <saml:SubjectConfirmation> element.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC