[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue 30: Need a mechanism to identify token assertions
This is now logged as issue 30. Marc Goodner Technical Diplomat Microsoft Corporation Tel: (425) 703-1903 Blog: http://spaces.msn.com/mrgoodner/ -----Original Message----- From: Dittmann, Werner [mailto:werner.dittmann@siemens.com] Sent: Thursday, February 09, 2006 12:17 AM To: ws-sx@lists.oasis-open.org Cc: Marc Goodner Subject: NEW Issue: Need a mechanism to identify token assertions PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-sp ws-securitypolicy-1.2-spec-ed-01-r03-diff.pdf Artifact: spec Type: design Title: Need a mechanism to identify token assertions Description: An implementation that uses Security Policy Language has to know how to populate the required tokens, e.g. UsernameToken or X509 tokens. Because a policy file usually contains several token assertions there should be a mechanism avaliable to identify a token assertion. For example if a policy requires two UsernameToken in a supporting token the application that creates the message needs a way to link the different UsernameToken assertions to the user data records that contains username, password, etc. To do so the application shall be able to identify the UsernameToken and use this identifier as a link to the user data record. Simliar mechanisms are required to locate the correct X509 certificate in a keystore, for example. Related issues: none Proposed Resolution: Add an Id or name attribute or to token assertions. Any other ideas how to identify token in a Poliy file and associated them with real user/alias data? Werner Dittmann Siemens COM MN CC BD TO mailto:Werner.Dittmann@siemens.com Tel: +49(0)89 636 50265 Mobil: +49(0)172 85 85 245
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]