
saml-policy open issues

SAML authorization decision and attribute assertions
SAML has not only authentication assertions, but also authorization decision and attribute assertions. Usefulness of these latter types of assertions in the scope of Geopriv, Simple, ...?

SAML condition evaluation by XML parsing?
This means: Instead of defining policy rules of the form "If the following elements of a SAML assertion have the following values, then ...", you could also derive specializations of the OASIS SAML Assertion schema that reflect desired constraints on the SAML assertions, and then use such a specialized XML schema in policy rules of the form "If a SAML assertion is valid with respect to the following XML schema, then ...".

Complete schema definition; Security and IANA Considerations