Skip to Content.
Sympa Menu

mace-opensaml-users - RE: Evidence Element

Subject: OpenSAML user discussion

List archive

RE: Evidence Element


Chronological Thread 
  • From: Scott Cantor <>
  • To: 'Martini Silvia' <>
  • Cc: 'saml' <>
  • Subject: RE: Evidence Element
  • Date: Tue, 13 May 2003 10:52:02 -0400
  • Importance: Normal
  • Organization: The Ohio State University

> In fact, the two classes mentioned above, do not create the
> element Evidence (they behave as in the case of the Action
> element). For example, the following is a Request that is not
> SAML compliant:

I think the bug was fixed in cvs for the statement, but not for the query. I
applied the fix there as well.

You should be aware that AuthzStatements in SAML are essentially deprecated
at this point, and will be officially so in SAML 1.1.
That work was taken up more thoroughly by XACML.

> I have an additional question:
> why all elements are created as "nameOfTheElement" with an
> attribute identifying the NS, instead of using
> "SAML:nameOfTheElement"? (I know that the resulting xml is valid).

Personal preference mainly. Most of the elements don't have to carry any
namespace declarations except for the top and when the
protocol/assertion boundary is crossed. I might change it someday when I'm
more confident in the code, but it helps to expose errors
if the default is used and something doesn't match.

DOM3 is finally adding namespace normalization and fixup, which is long
overdue. Current DOM APIs are more or less broken in
namespace handling anyway, since relying on the programmer to apply prefixes
in the right places is just silly.

-- Scott

---------------------------------------------------mace-opensaml-users-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at

http://archives.internet2.edu/

---------------------------------------------------mace-opensaml-users--



  • Evidence Element, Martini Silvia, 05/13/2003
    • RE: Evidence Element, Scott Cantor, 05/13/2003

Archive powered by MHonArc 2.6.16.

Top of Page