Hi,
  I am trying to get familiar with SAML with Apache CXF STS. I have more
of a generalized question.

     When the client sends an RST to the STS, how does the STS know whether it
is following SAML 1.0 or 2.0, and which confirmation method (holder-of-key,
bearer, etc.) to use? Do we need to specify this in the STS policies?

     e.g. In the STS sample that was shared along with the CXF package, by
default it generates SAML 2.0 with holder-of-key subject confirmation.

      When I look into the STS.wsdl in the sts samples folder, I did not
find any clue as to how these parameters are passed in the RST request from
the client.

      When I look at the requests flowing over the wire using tcpmon, the
following sequence of steps happens:
   1. The client requests the STS WSDL.
   2. Once the client gets the STS WSDL, it sends an RST with
RequestTokenType as
      "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
   3. When I see the response from the STS, I see a SAML 2.0 token with
HOK as the confirmation method.

     My specific question is: how does the client know whether the
RequestTokenType is 1.0 or 2.0 in the RST?

  In the RSTR, how does the confirmation method come out as HOK?
--
View this message in context: 
http://cxf.547215.n5.nabble.com/saml-subject-confirmation-method-tp5723511.html
Sent from the cxf-user mailing list archive at Nabble.com.
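As an added illustration (not part of this thread, and not CXF's own code): in a WS-Trust 1.3 RST the SAML version is carried by wst:TokenType (the URI quoted in the post above) and the key type by wst:KeyType, and the STS derives the subject confirmation method from the latter. The Python snippet below parses a constructed sample RST and applies that mapping; the KeyType URIs are the standard WS-Trust 1.3 ones, while the KeyType-to-confirmation mapping is the conventional one and is stated here as an assumption rather than a transcription of the CXF STS source.

```python
import xml.etree.ElementTree as ET

# Namespaces and URIs from WS-Trust 1.3 and the WSS SAML Token Profile 1.1
WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"
SAML_TP = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1"

# wst:TokenType selects the SAML version of the issued assertion
TOKEN_TYPES = {SAML_TP + "#SAMLV1.1": "1.1", SAML_TP + "#SAMLV2.0": "2.0"}

# wst:KeyType decides the subject confirmation method: a key (asymmetric or
# symmetric) means holder-of-key, no key means bearer.
# Assumption: this is the conventional mapping, not a copy of CXF's code.
KEY_TYPES = {
    WST + "/PublicKey": "holder-of-key",
    WST + "/SymmetricKey": "holder-of-key",
    WST + "/Bearer": "bearer",
}
# Confirmation-method URN prefixes differ between SAML 1.1 and 2.0 assertions
CM_PREFIX = {"1.1": "urn:oasis:names:tc:SAML:1.0:cm:", "2.0": "urn:oasis:names:tc:SAML:2.0:cm:"}

# Constructed sample RST, shaped like the one the post observed in tcpmon
SAMPLE_RST = """<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <wst:RequestSecurityToken xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
      <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
      <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
      <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType>
    </wst:RequestSecurityToken>
  </soap:Body>
</soap:Envelope>"""


def parse_rst(xml_text):
    """Return the SAML version and confirmation method an RST asks for."""
    root = ET.fromstring(xml_text)
    ns = {"wst": WST}
    token_type = (root.findtext(".//wst:TokenType", namespaces=ns) or "").strip()
    key_type = (root.findtext(".//wst:KeyType", namespaces=ns) or "").strip()
    version = TOKEN_TYPES.get(token_type)
    if version is None:
        raise ValueError("unsupported or missing wst:TokenType: %r" % token_type)
    method = KEY_TYPES.get(key_type)
    if method is None:
        # WS-Trust leaves the default to the STS; this example insists on an explicit KeyType
        raise ValueError("unsupported or missing wst:KeyType: %r" % key_type)
    return {"saml_version": version, "key_type": key_type,
            "confirmation_method": CM_PREFIX[version] + method}
```

Running `parse_rst(SAMPLE_RST)` yields SAML version "2.0" with the holder-of-key confirmation URN, which matches what the post saw in the RSTR; swapping the KeyType to the Bearer URI flips the result to bearer.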