[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: NEW Issue: Need a mechanism to identify token assertions
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-sp ws-securitypolicy-1.2-spec-ed-01-r03-diff.pdf Artifact: spec Type: design Title: Need a mechanism to identify token assertions Description: An implementation that uses Security Policy Language has to know how to populate the required tokens, e.g. UsernameToken or X509 tokens. Because a policy file usually contains several token assertions there should be a mechanism avaliable to identify a token assertion. For example if a policy requires two UsernameToken in a supporting token the application that creates the message needs a way to link the different UsernameToken assertions to the user data records that contains username, password, etc. To do so the application shall be able to identify the UsernameToken and use this identifier as a link to the user data record. Simliar mechanisms are required to locate the correct X509 certificate in a keystore, for example. Related issues: none Proposed Resolution: Add an Id or name attribute or to token assertions. Any other ideas how to identify token in a Poliy file and associated them with real user/alias data? Werner Dittmann Siemens COM MN CC BD TO mailto:Werner.Dittmann@siemens.com Tel: +49(0)89 636 50265 Mobil: +49(0)172 85 85 245
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]