A Code Example For SAML

最新推荐文章于 2024-10-11 20:01:25 发布

smartcn

最新推荐文章于 2024-10-11 20:01:25 发布

阅读量1.5k

点赞数

分类专栏： XML 文章标签： authentication exchange methods sun user

本文链接：https://blog.csdn.net/smartcn/article/details/54531

版权

XML 专栏收录该内容

5 篇文章 0 订阅

订阅专栏

A Code Example

Because the SAML standard is designed only for the exchange of secure sign-on information between a user, or "relying party," and multiple issuing parties, it allows issuing parties to use their own chosen methods of authentication for example, PKI, hash, or password.

Here, a sample SAML-compliant request is sent from a relying party requesting password authentication by the issuing party.

<samlp: Request ...>

<samlp: AttributeQuery>

    <saml: Subject>
      <saml: NameIdentifier
        SecurityDomain="sun. com"
        Name="rimap"/>
    </ saml: Subject>

    <saml: AttributeDesignator
      AttributeName="Employee_ ID"
      AttributeNamespace="sun. com">
    </ saml: AttributeDesignator>
</ samlp: AttributeQuery>
</ samlp: Request>

In response, the issuing authority asserts that the subject (S) was authenticated by means (M) at time (T).

<samlp: Response
MajorVersion="1" MinorVersion="0"
RequestID="128.14.234.20.90123456"
InResponseTo="123.45.678.90.12345678"
StatusCode="/features/2002/05/Success">

<saml: Assertion
    MajorVersion="1" MinorVersion="0"
    AssertionID="123.45.678.90.12345678"
    Issuer="Sun Microsystems, Inc."
    IssueInstant="2002- 01- 14T10: 00: 23Z">

    <saml: Conditions
      NotBefore="2002- 01- 14T10: 00: 30Z"
      NotAfter="2002- 01- 14T10: 15: 00Z" />

    <saml: AuthenticationStatement
    AuthenticationMethod="Password"
    AuthenticationInstant="2001- 01- 14T10: 00: 20Z">

      <saml: Subject>
        <saml: NameIdentifier
          SecurityDomain="sun. com"
          Name="rimap" />
      </ saml: Subject>
    </ saml: AuthenticationStatement>
</ saml: Assertion>
</ samlp: Response>