Skip to Content.
Sympa Menu

mace-opensaml-users - Re: Sigining of Assertion instead of Response

Subject: OpenSAML user discussion

List archive

Re: Sigining of Assertion instead of Response


Chronological Thread 
  • From: "Tom Scavo" <>
  • To:
  • Subject: Re: Sigining of Assertion instead of Response
  • Date: Tue, 16 Jan 2007 08:50:21 -0500
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pPvEFKVe7A8EPJXwBpq9BCpPBoLw7Sn3MFL4Wlv0o5JyDsnIRQzaKRQnLmMc4m2dC2LW+3MFUs6vBHjW/zRa/gGcQER8MviS9x+sx21Pf8/Db5OOM4syLHQM+NTpyzKBO5MlMdboGVTNAkc/7qxVWIsd5iv5xL94DuryC8zc4Wo=
On 1/16/07, Andreas Vallen
<>
wrote:

This MUST makes the use of the metadata attribute "WantAssertionSigned" that
Tom pointed
to in the other posting, even more confusing:
The POST and Redirect bindings' rules would override this attribute leaving
only the
Artifact binding to be influenced by its setting. Is this correct?

Mostly, yes. The Assertion Query/Request Profile and the SAML URI
Binding are also covered by this attribute. Essentially any assertion
consumed by the Assertion Consumer Service at the SP is affected, I
think.

Tom

Archive powered by MHonArc 2.6.16.

Top of Page