Subject: New Issue: Need capability for services to describe requested claimtypes
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSION THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred.

Protocol: wsfed http://docs.oasis-open.org/wsfed/federation/v1.2/cd/ws-federation-1.2-spec-cd-01.doc

Artifact: spec

Type: design

Title: Need capability for services to describe requested claim types

Description: It looks like there is not a way to specify the claim type requirements for services in the federation metadata. The relying party (whether it is an application or an STS) needs to indicate its claim type requirements such that an IdentityProvider is able to adjust its issuance policy to meet these requirements.

SAML-Metadata has mechanisms for expressing attributes requested and attributes offered for SAML protocols. The new harmonized metadata document has elements for ClaimTypesOffered and ClaimDialectOffered, but it does not have mechanisms for indicating requested claim types.

Proposal: Add the following to the WebServiceRequestorType.

    <!-- as part of the complex type sequence -->
    <element ref="fed:ClaimTypesRequested" minOccurs="0" maxOccurs="1"/>

    <element name="ClaimTypesRequested" type="tns:ClaimTypesRequestedType"/>

/fed:WebServiceDescriptorType/fed:ClaimTypeRequested

This OPTIONAL element allows a federation metadata provider to specify claim types, using the schema provided by the common claim dialect defined in this specification, that MAY or MUST be present in security tokens requested by the service. See section 3.1.x for additional details.

Introduce a new section describing ClaimTypesRequested modeled on the section for ClaimTypesOffered.
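
Added example, not part of the original message or of the specification: how an identity provider could read a ClaimTypesRequested element and limit issuance to what the service asked for. The namespace URIs, the container element, the auth:ClaimType child with Uri and Optional attributes (modeled on ClaimTypesOffered), and the rule that an absent Optional means required are all assumptions, since the message does not define ClaimTypesRequestedType.

```python
import xml.etree.ElementTree as ET

# Assumed namespace URIs and child element shape (modeled on ClaimTypesOffered);
# the message above does not define ClaimTypesRequestedType.
NS = {
    "fed": "http://docs.oasis-open.org/wsfed/federation/200706",
    "auth": "http://docs.oasis-open.org/wsfed/authorization/200706",
}

# Constructed sample metadata for a relying party; the container name is hypothetical.
SAMPLE_METADATA = f"""
<fed:WebServiceDescriptor xmlns:fed="{NS['fed']}" xmlns:auth="{NS['auth']}">
  <fed:ClaimTypesRequested>
    <auth:ClaimType Uri="http://example.org/claims/email"/>
    <auth:ClaimType Uri="http://example.org/claims/role" Optional="false"/>
    <auth:ClaimType Uri="http://example.org/claims/phone" Optional="true"/>
  </fed:ClaimTypesRequested>
</fed:WebServiceDescriptor>
"""

def requested_claims(metadata_xml):
    """Return (required, optional) sets of claim type URIs from the metadata.

    Signature verification of the metadata document is out of scope here.
    """
    root = ET.fromstring(metadata_xml)
    blocks = root.findall(".//fed:ClaimTypesRequested", NS)
    if len(blocks) > 1:  # the proposal allows minOccurs=0, maxOccurs=1
        raise ValueError("more than one ClaimTypesRequested element")
    required, optional = set(), set()
    for claim in (blocks[0].findall("auth:ClaimType", NS) if blocks else []):
        uri = claim.get("Uri")
        if not uri:
            raise ValueError("ClaimType without a Uri attribute")
        # Assumption: a missing Optional attribute means the claim is required.
        is_optional = claim.get("Optional", "false").strip().lower() in ("true", "1")
        (optional if is_optional else required).add(uri)
    return required, optional - required  # a URI listed both ways counts as required

def issuance_plan(metadata_xml, available):
    """Identity-provider side: (claims to issue, required claims it cannot supply)."""
    required, optional = requested_claims(metadata_xml)
    available = set(available)
    issue = (required | optional) & available  # never issue claims nobody requested
    missing = required - available              # non-empty means the token would be rejected
    return issue, missing
```
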