[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: AuthnRequest
> when I started to initially develop the KRB use cases it transpired that > <AuthnRequest> would satisfy part of the requirements. In particular by > being able to obtain an assertion for the requesting principal or an > Artifact/reference to an assertion. Having just re-read the latest core > spec I can't determine how an Artifact/reference could be returned. > > Could you (hopefully) point out how this this requirement is > satisfied. It's my view that this is a binding issue, and the AuthnRequest contains an optional ProtocolBinding element to allow a requester that supports multiple bindings to specify the one it wants. If a requester only supported one, it could leave this out and the responder would use the requester's metadata to find out which binding to use. The one thing this doesn't support is explicitly getting an assertion by reference as opposed to a response by reference (the artifact). We could address this by changing the Response content model to permit returning Assertions or AssertionIDReference/AssertionURIReference elements. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]