OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Request for clarification regarding simple-sign spec

> Since the message is NOT being passed through a user agent, does this
> still apply?

This binding, like all the HTTP bindings, requires a user agent (in the
technical HTTP sense of the term). It's a relay binding between two SAML
servers, and that's the only use case for which it was specified.

> I can see the Destination attribute being useful on the
> initial request message (in our case an AuthnRequest) but not on the
> Response as that data is just the return of the HTTP request. However,
> the spec says it's a MUST. How does the receiving server know the
> endpoint at the sender when it's just responding to an HTTP request?

It has to know by definition, because the binding requires that you tell the
user agent where it's supposed to relay the message.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]