Hi Prateek,
I believe that your question belong to the control access layer. In this
case, XACML could be used.
Edson
prateek mishra escreveu:
The answer about my previous questions:
------------------------------------------------------
Hi Edson,
This seems like an interesting direction to go but certainly
WS-SecurityPolicy does not describe anything that would help capture
whether the SAML assertion had a particular confirmation method,
issuer name, attribute statement etc.
Is there some other specification that is yet to be developed that
would specify this information?
- prateek
-----original message---
Edson,
I believe your question is, how does a service tell a client the
required content for the SAML token the client will present to the
service. The sp:RequestSecurityTokenTemplate can include a wst:Claims
elements whose content can be used to specify claims that are required
by the service the client wants to talk to.
Hope this helps,
Gudge
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
