[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Moving subjects up to assertions (disregardfirst reply)
Sorry, belay that last post, I pulled out an earlier sketch I had done before we settled on not having per-statement subject confirmation, so I was down a different track there. I suggest this instead: <Statement> of StatementAbstractType (empty) <SubjectStatement> SubjectStatementAbstractType (also empty) SubjectStatementAbstractType does not derive from StatementAbstractType. Then inside AssertionType: ...usual assertion header, conditions, etc. <choice> <sequence> <element ref="saml:Subject"/> <choice maxOccurs="unbounded"> <element ref="saml:SubjectStatement"> <element ref="saml:AttributeStatement"> <element ref="saml:AuthnStatement"> <element ref="saml:AuthzDecisionStatement"> </choice> </sequence> <sequence> <element ref="saml:Statement" maxOccurs="unbounded"/> </sequence> </choice> <Subject> still has the current overall design, I assume, where you either have an identifier plus zero or more confirmations OR you have just one or more confirmations. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]