
security-services message



Subject: Comment on metadata-02e...


In the update for SPSSODescriptor, the <AttributeConsumingService> states:

 

“At most one <AttributeConsumingService> element can have the attribute isDefault set to true. When multiple elements are specified and none has the attribute isDefault set to true, then the first element whose isDefault attribute is not set to false is to be used as the default. If all elements have their isDefault attribute set to false, then the first element is considered the default.”

 

I think I disagree with the last sentence.  I think that if no element is marked as the default, there should be NO default. Since the indices are used in an AuthnRequest so that an SP can request one collection of attributes per transaction, I don’t see a way for me to request that NO attributes be sent in the response assertion.  If I don’t provide an index in my AuthnRequest, isn’t it always going to send either the first set (if all “isDefault” values are false), or the first one it finds with isDefault set to true?

 

I need a way to say that some applications might not need attributes at all, so don’t bother sending them, while others do need them.

 

Am I missing something?

Rob Philpott
Senior Consulting Engineer 
RSA Security Inc.
Tel: 781-515-7115
Mobile: 617-510-0893
Fax: 781-515-7020
mailto:rphilpott@rsasecurity.com
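
The default-selection rule quoted in the message above, written out as an added example (it is not part of the original message or of the SAML specification text). The function names are hypothetical, and the sample descriptors are constructed and trimmed to the `index` and `isDefault` attributes only; it shows that under the quoted wording every non-empty set of services resolves to some default.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"

def _is_default(elem):
    """Return True, False, or None (attribute absent) for isDefault."""
    raw = elem.get("isDefault")
    if raw is None:
        return None
    return raw.strip() in ("true", "1")  # xs:boolean lexical forms

def default_acs_index(sp_descriptor_xml):
    """Apply the quoted rule. Returns the default service's index, or None
    only when the descriptor carries no <AttributeConsumingService> at all."""
    root = ET.fromstring(sp_descriptor_xml)
    services = root.findall(f"{{{MD}}}AttributeConsumingService")
    if not services:
        return None
    flags = [_is_default(s) for s in services]
    if flags.count(True) > 1:
        raise ValueError("more than one isDefault='true'")
    for wanted in (True, None):  # explicit default, then first not set to false
        for svc, flag in zip(services, flags):
            if flag is wanted:
                return int(svc.get("index"))
    return int(services[0].get("index"))  # all false: first element wins

def make_descriptor(flags):
    """Constructed sample: one service per entry ('true', 'false' or None)."""
    parts = []
    for i, f in enumerate(flags):
        attr = "" if f is None else f' isDefault="{f}"'
        parts.append(f'<md:AttributeConsumingService index="{i}"{attr}/>')
    body = "".join(parts)
    return f'<md:SPSSODescriptor xmlns:md="{MD}">{body}</md:SPSSODescriptor>'

if __name__ == "__main__":
    for flags in (["false", "true"], ["false", None], ["false", "false"], []):
        print(flags, "->", default_acs_index(make_descriptor(flags)))
```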

 


