[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] Proposed text for query semantics
Section 3.5.5 Responses to <AuthenticationQuery> and <AttributeQuery> Responses to Authentication and Attribute queries are constructed by matching against the <saml:Subject> element found within the <AuthenticationQuery> or <AttributeQuery> elements. In response to these queries, every assertion returned by a SAML responder MUST contain at least one statement whose <saml:Subject> element <em>strongly matches</em> the <saml:Subject> element found in the query. A <saml:Subject> element S1 strongly matches S2 iff: (1) If S2 includes a <saml:NameIdentifier> element, then S1 must include an identical <saml:NameIdentifier> element. (2) If S2 includes a <saml:SubjectConfirmation> element, then S1 must include an identical <saml:SubjectConfirmation> element.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC