| From | Sent On | Attachments |
|---|---|---|
| Tony Opatha | Sep 19, 2003 4:00 pm | |
| Ron Monzillo | Oct 7, 2003 8:39 am | |
| Hal Lockhart | Oct 7, 2003 8:42 am | |

| Subject: | Re: [wss-comment] Passing binary data in SAML Assertion Token | |
|---|---|---|
| From: | Ron Monzillo (rona...@sun.com) | |
| Date: | Oct 7, 2003 8:39:05 am | |
| List: | org.oasis-open.lists.wss-comment | |
Hi Tony,
The SAML token profile defines how one uses one of two SAML specified confirmation mechanisms (sender-vouches and holder of key) to bind an assertion (containing one or more subject statements each with embedded subject identifier) to a SOAP msg.
Said another way, the SAML token profile provides 2 mechanisms to identify the "client" of a SOAP msg in a manner such that a msg receiver can authenticate the binding of the assertion (and thus the subjects that it contains) to the msg.
Additional identifying attributes can also be conveyed within the SAML assertion, but neither SAML nor the SAML token profile standardizes specific attributes to be included in assertions.
SAML defines the values that can be carried as the subject in subject statements.
Ron
Tony Opatha wrote:
Is it possible to include binary data in an SAML Assertion token such that the token is used to identify a SOAP client by inclusion of the token in the SOAP Security Extension header i.e., <wss:security> element?
In the SAML spec it seems like there is a way to pass non-XML application data that may be processed by a receiving party's security service?
Is it possible to include binary data in a SAML token as part of <saml:Attribute>, and would a conforming WSS SOAP Security implementation accept a SAML token passed in the SOAP security header with binary token data included in the Assertion token containing AttributeStatement in binary form?
Any help will be appreciated.