SAML AuthnQuery and AuthnStatement: Difference between revisions
Line 80: | Line 80: | ||
</saml:NameID> | </saml:NameID> | ||
<saml:SubjectConfirmationData NotBefore="2005-06-01T09:30:47.0Z" | <saml:SubjectConfirmationData | ||
NotBefore="2005-06-01T09:30:47.0Z" | |||
InResponseTo="NCName" | |||
Recipient="http://example.com" | |||
NotOnOrAfter="2005-06-01T09:30:47.0Z" | |||
Address="String"/> | |||
</saml:SubjectConfirmation> | </saml:SubjectConfirmation> | ||
<saml:Conditions NotBefore="2005-06-01T09:30:47.0Z" | </saml:Subject> | ||
<saml:Conditions | |||
NotBefore="2005-06-01T09:30:47.0Z" | |||
NotOnOrAfter="2005-06-01T09:30:47.0Z"> | |||
<saml:Condition xsi:type="a type derived from ConditionAbstractType"/> | |||
</saml:Conditions> | |||
<saml:Advice> | |||
<saml:AssertionIDRef>NCName</saml:AssertionIDRef> | |||
</saml:Advice> | |||
<saml:AuthnStatement | |||
AuthnInstant="2005-06-0131T12:00:00Z" | AuthnInstant="2005-06-0131T12:00:00Z" | ||
SessionIndex="67775277772"> | SessionIndex="67775277772"> | ||
<saml:AuthnContext> | <saml:AuthnContext> | ||
<saml:AuthnContextClassRef> | |||
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport | |||
</saml:AuthnContextClassRef> | |||
</saml:AuthnContext> | </saml:AuthnContext> | ||
</saml:AuthnStatement> | </saml:AuthnStatement> | ||
</saml:Assertion> | </saml:Assertion> | ||
</samlp:Response> | </samlp:Response> | ||
</pre> | </pre> |
Latest revision as of 18:59, 21 February 2017
Internal
Example
AuthnQuery
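<!--
  Example SAML 2.0 AuthnQuery: asks the authority for the authentication
  statements it holds about the given subject, restricted to an exact match
  on the requested authentication context class.

  This is an abbreviated illustration. A schema-valid request also carries
  the ID, Version and IssueInstant attributes, which are omitted here.
  The xsi:schemaLocation attribute of the original listing was truncated
  (a namespace with no location) and has been dropped; it is only a hint,
  and a consumer should validate against locally pinned copies of the SAML
  schemas rather than a location named by the message itself.
-->
<samlp:AuthnQuery xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <saml:Subject>
    <!-- The Method URI comes from a pre-standard draft (draft-sstc-core-25);
         it is not one of the SAML 2.0 confirmation methods
         (holder-of-key, sender-vouches, bearer). -->
    <saml:SubjectConfirmation Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password">
      <!-- cGFzc3dvcmQ= is Base64, an encoding and not encryption: it decodes
           to the literal sample string "password". A secret placed here is
           readable by anyone who sees the message, so it relies entirely on
           the transport (TLS) for confidentiality. -->
      <saml:SubjectConfirmationData>cGFzc3dvcmQ=</saml:SubjectConfirmationData>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <samlp:RequestedAuthnContext Comparison="exact">
    <saml:AuthnContextClassRef>http://www.coresecuritypatterns.com</saml:AuthnContextClassRef>
  </samlp:RequestedAuthnContext>
</samlp:AuthnQuery>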
AuthnStatement
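<!--
  Example SAML 2.0 Response carrying an Assertion with an AuthnStatement.

  Values such as "NCName" and "String" are schema type names standing in for
  real data, and the timestamps are sample values. Nothing in this listing is
  signed; a relying party should accept an assertion only after verifying an
  XML signature that covers it against a trusted identity provider key.
-->
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                IssueInstant="2005-06-01T09:30:47.0Z"
                Version="2.0"
                InResponseTo="NCName"
                Destination="http://www.example.com"
                ID="ID000065">
  <!-- ... content elided in the original example. The ds prefix is declared
       above but no ds:Signature element is shown. -->
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    <samlp:StatusMessage>status is successful</samlp:StatusMessage>
  </samlp:Status>
  <saml:Assertion IssueInstant="2005-06-01T09:30:47.0Z"
                  Version="2.0"
                  ID="ID000072">
    <saml:Issuer NameQualifier="String"
                 Format="http://www.coresecuritypatterns.com"
                 SPProvidedID="MyServiceProvider"
                 SPNameQualifier="String">Example</saml:Issuer>
    <saml:Subject>
      <!-- The Method URI comes from a pre-standard draft (draft-sstc-core-25),
           not from the SAML 2.0 confirmation methods. -->
      <saml:SubjectConfirmation Method="http://www.oasis-open.org/committees/security/docs/draft-sstc-core-25/password">
        <saml:NameID NameQualifier="card:SQLDatabase">SomeName</saml:NameID>
        <!-- InResponseTo and Recipient bind the confirmation to one request
             and one receiving endpoint; the receiver should check both,
             together with the validity window. -->
        <saml:SubjectConfirmationData NotBefore="2005-06-01T09:30:47.0Z"
                                      InResponseTo="NCName"
                                      Recipient="http://example.com"
                                      NotOnOrAfter="2005-06-01T09:30:47.0Z"
                                      Address="String"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <!-- Sample values: NotBefore and NotOnOrAfter are identical here, which
         describes an empty validity window. A real assertion needs NotBefore
         earlier than NotOnOrAfter, and the relying party must enforce it. -->
    <saml:Conditions NotBefore="2005-06-01T09:30:47.0Z"
                     NotOnOrAfter="2005-06-01T09:30:47.0Z">
      <!-- The xsi:type value is a prose placeholder, not a real QName. -->
      <saml:Condition xsi:type="a type derived from ConditionAbstractType"/>
    </saml:Conditions>
    <saml:Advice>
      <saml:AssertionIDRef>NCName</saml:AssertionIDRef>
    </saml:Advice>
    <!-- The original AuthnInstant, "2005-06-0131T12:00:00Z", is not a valid
         xs:dateTime. The value below is a constructed correction that keeps
         the time of day; the intended date is not recoverable from the page. -->
    <saml:AuthnStatement AuthnInstant="2005-01-31T12:00:00Z"
                         SessionIndex="67775277772">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
  </saml:Assertion>
</samlp:Response>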