mace-opensaml-users - Re: Caching Assertions with the OneTimeUse Condition
Subject: OpenSAML user discussion
List archive
- From: "Tom Scavo" <>
- To:
- Subject: Re: Caching Assertions with the OneTimeUse Condition
- Date: Fri, 29 Jun 2007 09:43:42 -0400
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=cLSdcSl6puGISAtn/Ywa40Cy0MmOtAGzNMvdq+OoZNPzVU0qnrsuTSSi2xoHIiRnVYZVSrpepYXgWsZ5aEynyLz+2KZOPoc0YC+kVSuJ9gvc3ajr8Qyogn78k7BrHEf+F10ziGu9qh0Cr2HvNBK3/aLvQVEJD7lEXveC9Fm2h3g=
[this thread probably belongs in
]
On 6/29/07, Arnout Engelen
<>
wrote:
Hi,
saml-core defines, on page 24:
To support the single use constraint, a relying party should maintain a
cache of the assertions it has processed containing such a condition.
Whenever an assertion with this condition is processed, the cache should
be checked to ensure that the same assertion has not been previously
received and processed by the relying party.
How can the relying party tell, in general, whether the incoming
assertion is a duplicate of a previously received and processed
assertion, rather than a fresh one that happens to contain the same
information?
Every assertion has a unique ID, so perhaps you could use that.
Hope this helps,
Tom
- Caching Assertions with the OneTimeUse Condition, Arnout Engelen, 06/29/2007
- Re: Caching Assertions with the OneTimeUse Condition, Tom Scavo, 06/29/2007
Archive powered by MHonArc 2.6.16.