On Tue, Mar 7, 2017 at 2:12 PM, Ishara Karunarathna <[email protected]> wrote:
> Hi Johan, > > > > On Mon, Feb 27, 2017 at 10:51 AM, Johann Nallathamby <[email protected]> > wrote: > >> In claims based identity management we MUST have a "Issuer" for each >> claim. Each claim is made by an issuer, and you trust the claim only as >> much as you trust the issuer. >> >> For example, you will trust a claim made by your organization's internal >> IDP connected to the internal identity store, more than you trust a claim >> made by the user himself. >> > Are we going to use this within the server. For example we can write a > policy using issuer of the claims. > Yes, there are use cases like, it might allow only claims from perticular issuers to be used as subject claim. In simple words, for a subject claim it can only use claims that are inherited values from the system; not a claim that is allowed change by the user. So, +1 for adding the issuer. Thanks, > > And do we expect to send these information to connecting service providers. > if so it may be a custom attribute that we need to send to customers such > as authenticated IDP list. > > -Ishara > > >> >> Our current "Claim" object model contains following attributes [1]. >> 1. Dialect URI >> 2. Claim URI >> 3. Value >> >> Can we add "Issuer" attribute also to this model? >> >> [1] https://github.com/wso2/carbon-identity-mgt/blob/master/ >> components/org.wso2.carbon.identity.mgt/src/main/java/org/ >> wso2/carbon/identity/mgt/claim/Claim.java >> >> Regards, >> Johann. >> >> -- >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> > > > > -- > Ishara Karunarathna > Associate Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 <+94%2071%20799%206791> > > > -- Regards, *Darshana Gunawardana*Associate Technical Lead WSO2 Inc.; http://wso2.com *E-mail: [email protected] <[email protected]>* *Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
