shibboleth-dev - Re: Constrained delegation with additional attributes
Subject: Shibboleth Developers
List archive
- From: Tom Scavo <>
- To:
- Cc: Scott Cantor <>,
- Subject: Re: Constrained delegation with additional attributes
- Date: Tue, 22 Nov 2005 10:55:43 -0500
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pG4bWJMTat4iMIKFQ0ScJa+dLoUazOJzdIBgz/ZkLb3o9ND4Vz1UgknRHj+RpmstvYdIyY5qjm4eERuJnAlh0DzAsfpGzQsrWb/WCt3Fv/PeARW3Og4clY7nywEoxbruNr0bYGnwoevkgqaJDP17tjnuNpKlnVRDOmbTppMkuPQ=
On 11/22/05, Alistair Young
<>
wrote:
>
> What I'm not sure about is whether a SAML Subject, issued by an IdP is SP
> specific, i.e. would the AA release attributes to the VFS based on a SAML
> Subject it originally issued to the VLE?
To answer your question directly, no, a name identifier is not
SP-specific. It could be, I suppose, but AFAIK there is no
implementation of NameIdentifierMapping that takes into account the
requesting SP.
Tom
- Constrained delegation with additional attributes, Alistair Young, 11/21/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/21/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/21/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/21/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/22/2005
- Re: Constrained delegation with additional attributes, Tom Scavo, 11/22/2005
- Re: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/22/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/22/2005
- Re: Constrained delegation with additional attributes, Tom Scavo, 11/22/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/22/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/23/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/23/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/23/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/23/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/22/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/21/2005
- RE: Constrained delegation with additional attributes, Alistair Young, 11/21/2005
- RE: Constrained delegation with additional attributes, Scott Cantor, 11/21/2005
Archive powered by MHonArc 2.6.16.