
mace-opensaml-users - Re: [OpenSAML] Regarding SAML artifact size

Subject: OpenSAML user discussion

  • From: Siva prakash I V <>
  • To:
  • Subject: Re: [OpenSAML] Regarding SAML artifact size
  • Date: Thu, 18 Nov 2010 17:50:53 +0530

As I'm new to SAML, please clarify one thing for me.
 
If I'm not wrong, type code 0x0004 uniquely identifies the mentioned 44 byte character sequence which is already implemented in OpenSAML.
But as I'm forced to generate a MESSAGE_HANDLE of more than 20 bytes, which doesn't allow me to use the format of type code 0x0004, can I use
a different type code which uniquely defines my custom format? Is this recommended as long as the source and destination sites can go with it?
 
 
 

 
On Thu, Nov 18, 2010 at 5:25 PM, Chad La Joie <> wrote:
OpenSAML already has support for the various defined artifacts, so you don't need to implement those specifically.  As far as which type to use, it's up to you.  Personally I find type 4 artifacts, the one you're talking about, a lot easier to use than the other ones because it doesn't require looking up data via hashes or other such work.


On 11/18/10 6:45 AM, Siva prakash I V wrote:
Hi,
I'm trying to implement SAML artifact binding. I've read that a SAML
artifact needs to be a 44 byte sequence
containing TYPECODE (2 bytes) ENDPOINTINDEX (2 bytes) SOURCEID (20
bytes) MESSAGE_HANDLE(20 bytes).
Is this format, along with the accommodated size, a MANDATORY one or a
RECOMMENDED one?
As an issuer of an artifact, can I create an artifact having a
MESSAGE_HANDLE of more than 20 bytes? Is this an acceptable one?
Thanks,
Siva Prakash

--
Chad La Joie
http://itumi.biz
trusted identities, delivered
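
The 44-byte type 0x0004 layout discussed in this thread, as an added example that is not part of the original messages and is not OpenSAML code: it builds and strictly parses the artifact, and shows that a MESSAGE_HANDLE longer than 20 bytes or an unknown type code is rejected rather than guessed at. The function names and sample issuer URL are hypothetical; the big-endian field encoding and SourceID = SHA-1(issuer entityID) are taken from the SAML 2.0 Bindings specification, not from the thread.

```python
import base64
import hashlib
import os
import struct

TYPE_CODE_V4 = 0x0004
SOURCE_ID_LEN = 20
HANDLE_LEN = 20
ARTIFACT_LEN = 2 + 2 + SOURCE_ID_LEN + HANDLE_LEN  # 44 bytes before base64


def source_id_for(entity_id):
    # Assumption from the SAML 2.0 Bindings spec: SourceID = SHA-1(issuer entityID).
    return hashlib.sha1(entity_id.encode("utf-8")).digest()


def build_type4(entity_id, endpoint_index, handle=None):
    """Return the raw 44-byte artifact; handle defaults to 20 random bytes."""
    handle = os.urandom(HANDLE_LEN) if handle is None else handle
    if len(handle) != HANDLE_LEN:
        raise ValueError("type 0x0004 MESSAGE_HANDLE must be exactly 20 bytes")
    if not 0 <= endpoint_index <= 0xFFFF:
        raise ValueError("ENDPOINTINDEX must fit in 2 bytes")
    header = struct.pack(">HH", TYPE_CODE_V4, endpoint_index)
    return header + source_id_for(entity_id) + handle


def parse_type4(raw):
    """Split a raw artifact into fields, rejecting anything not type 0x0004."""
    if len(raw) < 4:
        raise ValueError("artifact too short for TYPECODE and ENDPOINTINDEX")
    type_code, endpoint_index = struct.unpack(">HH", raw[:4])
    if type_code != TYPE_CODE_V4:
        raise ValueError("unsupported type code 0x%04x" % type_code)
    if len(raw) != ARTIFACT_LEN:
        raise ValueError("type 0x0004 artifact must be 44 bytes, got %d" % len(raw))
    return {"endpoint_index": endpoint_index,
            "source_id": raw[4:4 + SOURCE_ID_LEN],
            "message_handle": raw[4 + SOURCE_ID_LEN:]}


def encode(raw):
    # Base64 form as carried in the SAMLart parameter.
    return base64.b64encode(raw).decode("ascii")


def decode(text):
    # validate=True raises binascii.Error (a ValueError) on non-base64 input.
    return base64.b64decode(text, validate=True)
```

A receiver that parses this strictly will not interoperate with a private type code unless both sites deploy a matching parser for it.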



