OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [security-services] Groups - saml-session-token-v1.0-wd03.pdfuploaded

> > I guess I could eliminate the requirement. In the environments this is
> > targeted at the NameID, whether long term or pseudonymous, is used as a
> > lookup key to find other attributes for access control. It also may be used by
> > the application in various ways.
> What I'd probably expect, I suppose, is creating a new format, perhaps, or
> using a transient, and using the session key as the NameID.

Actually, belay that, obviously that won't work. The main question I'm asking is whether it's a requirement for the NameID to be present to make what you're doing work, if the original SSO assertion didn't have one.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]