
mace-opensaml-users - RE: [OpenSAML] Unable to extract SAML token

Subject: OpenSAML user discussion

  • From: "Satish Burnwal" <>
  • To: <>
  • Subject: RE: [OpenSAML] Unable to extract SAML token
  • Date: Fri, 1 Aug 2008 12:05:02 +0530
  • Authentication-results: sj-dkim-1; ; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );

I just took a look at the SAML 1.1 schema and that also uses AssertionID
attribute and not the ID attribute. ID attr is used in SAML 2.0 ver only. My
question is - and as I find at quite a few places over the internet - can I
use the URI reference value as the value of AssertionID ? Is it really a
standard (and if so any doc to suffice that) ?

And Tom - what I posted is SAML 1.0 sample and not 1.1. Just the
NameIdentifier format is 1.1

--Satish

-----Original Message-----
From: Scott Cantor
[mailto:]

Sent: Thursday, July 31, 2008 9:16 PM
To:

Subject: RE: [OpenSAML] Unable to extract SAML token

> On Thu, Jul 31, 2008 at 7:22 AM,
> <>
> wrote:
> > I am using SAML 1.0.
>
> The example you posted is a SAML V1.1 assertion. Am I missing something?

For the record, I didn't actually look. ;-)

That aside, my recollection is that because the ID attribute was specific to
SAML 1.1, and also "custom" in the sense that you had to know about SAML to
handle it, the WSS profile does not permit so-called direct references,
wherein you sign the assertion directly. An STR is used to wrap it with a
known element and a known ID attribute.

But as always, I defer to the spec, I don't know it in detail.

-- Scott
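
Added example, not part of either message and not OpenSAML code: locating an assertion's identifier attribute by version, following the point above that SAML 1.0 and 1.1 use AssertionID while SAML 2.0 uses ID, and refusing a reference that matches no assertion or more than one. The function names, the `Bundle` wrapper and all identifier values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML1_NS = "urn:oasis:names:tc:SAML:1.0:assertion"  # shared by SAML 1.0 and 1.1
SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample: one assertion per version inside a hypothetical wrapper.
SAMPLE = f"""
<Bundle>
  <saml:Assertion xmlns:saml="{SAML1_NS}" MajorVersion="1" MinorVersion="0"
      AssertionID="_a10" Issuer="idp.example" IssueInstant="2008-07-31T15:46:00Z"/>
  <saml:Assertion xmlns:saml="{SAML1_NS}" MajorVersion="1" MinorVersion="1"
      AssertionID="_a11" Issuer="idp.example" IssueInstant="2008-07-31T15:46:00Z"/>
  <saml2:Assertion xmlns:saml2="{SAML2_NS}" Version="2.0"
      ID="_a20" IssueInstant="2008-07-31T15:46:00Z"/>
</Bundle>
"""

def assertion_ids(xml_text):
    """Return (version, id_attribute_name, id_value) per assertion, in document order."""
    found = []
    for el in ET.fromstring(xml_text).iter():
        if el.tag == f"{{{SAML1_NS}}}Assertion":
            # 1.0 and 1.1 share a namespace; only the version attributes differ.
            version = f"{el.get('MajorVersion')}.{el.get('MinorVersion')}"
            found.append((version, "AssertionID", el.get("AssertionID")))
        elif el.tag == f"{{{SAML2_NS}}}Assertion":
            found.append((el.get("Version"), "ID", el.get("ID")))
    return found

def resolve_reference(xml_text, wanted_id):
    """Return the one assertion whose identifier equals wanted_id, else raise."""
    matches = [a for a in assertion_ids(xml_text) if a[2] == wanted_id]
    if len(matches) != 1:
        # Fail closed: a missing or duplicated identifier is never resolved.
        raise ValueError(f"{len(matches)} assertions match {wanted_id!r}")
    return matches[0]

if __name__ == "__main__":
    for row in assertion_ids(SAMPLE):
        print(row)
    print(resolve_reference(SAMPLE, "_a11"))
```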




