SAML AuthnQuery and AuthnStatement: Difference between revisions
Jump to navigation
Jump to search
| Line 66: | Line 66: | ||
<saml:Issuer NameQualifier="String" Format="http://www.coresecuritypatterns.com" | <saml:Issuer NameQualifier="String" Format="http://www.coresecuritypatterns.com" | ||
SPProvidedID="MyServiceProvider" | |||
SPNameQualifier="String"> | |||
Example | Example | ||
</saml:Issuer> | </saml:Issuer> | ||
<saml:Subject> | <saml:Subject> | ||
<saml:SubjectConfirmation | <saml:SubjectConfirmation | ||
Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password"> | Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password"> | ||
<saml:NameID NameQualifier="card:SQLDatabase"> | <saml:NameID NameQualifier="card:SQLDatabase"> | ||
SomeName | |||
<saml:NameID | </saml:NameID> | ||
<saml:SubjectConfirmationData NotBefore="2005-06-01T09:30:47.0Z" | |||
InResponseTo="NCName" | |||
Recipient="http://example.com" | |||
NotOnOrAfter="2005-06-01T09:30:47.0Z" | |||
Address="String"/> | Address="String"/> | ||
</saml:SubjectConfirmation> | </saml:SubjectConfirmation> | ||
Revision as of 18:54, 21 February 2017
Internal
Example
AuthnQuery
<samlp:AuthnQuery xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:protocol” ノ>
<saml:Subject>
<saml:SubjectConfirmation
Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password">
<saml:SubjectConfirmationData>
cGFzc3dvcmQ=
<saml:SubjectConfirmationData/>
</saml:SubjectConfirmation>
</saml:Subject>
<samlp:RequestedAuthnContext Comparison="exact">
<saml:AuthnContextClassRef>
http://www.coresecuritypatterns.com
</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
</samlp:AuthnQuery>
AuthnStatement
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
IssueInstant="2005-06-01T09:30:47.0Z"
Version="2.0"
InResponseTo="NCName"
Destination="http://www.example.com"
ID="ID000065">
...
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
<samlp:StatusMessage>status is successful</samlp:StatusMessage>
</samlp:Status>
<saml:Assertion IssueInstant="2005-06-01T09:30:47.0Z"
Version="2.0"
ID="ID000072">
<saml:Issuer NameQualifier="String" Format="http://www.coresecuritypatterns.com"
SPProvidedID="MyServiceProvider"
SPNameQualifier="String">
Example
</saml:Issuer>
<saml:Subject>
<saml:SubjectConfirmation
Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password">
<saml:NameID NameQualifier="card:SQLDatabase">
SomeName
</saml:NameID>
<saml:SubjectConfirmationData NotBefore="2005-06-01T09:30:47.0Z"
InResponseTo="NCName"
Recipient="http://example.com"
NotOnOrAfter="2005-06-01T09:30:47.0Z"
Address="String"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2005-06-01T09:30:47.0Z"
NotOnOrAfter="2005-06-01T09:30:47.0Z">
<saml:Condition xsi:type="a type derived from ConditionAbstractType"/>
</saml:Conditions>
<saml:Advice>
<saml:AssertionIDRef>NCName</saml:AssertionIDRef>
</saml:Advice>
<saml:AuthnStatement>
AuthnInstant="2005-06-0131T12:00:00Z"
SessionIndex="67775277772">
<saml:AuthnContext>
<saml:AuthnContextClassRef>
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</samlp:Response>