SAML/SAMLP vs SAML2/SAMLP2 in assertions
Chad La Joie
lajoie at itumi.biz
Sat Jan 28 01:08:36 GMT 2012
Almost certainly. Were I you, I probably wouldn't even argue with
them. Point them to the XML namespace spec, which is referenced from
the SAML spec, and let them read and grok it first. If they do
understand you won't need to say anything, if they don't, nothing you
say is likely to matter.
On Fri, Jan 27, 2012 at 19:59, Jeff McCullough <jeffmc at berkeley.edu> wrote:
> Thanks. It would appear they took the naming convention a bit too literally. I'm sure I have a fun conversation ahead. -Jeff
> On Jan 27, 2012, at 4:15 PM, Chad La Joie wrote:
>> No. Their app is broken. They clearly have no idea what an XML
>> namespace is. Those prefixes are meaningless except to the extent
>> that they must match the prefix given when the namespace is declared.
>> You could (and some products do) generate random prefixes and that's
>> perfectly legal.
>> On Fri, Jan 27, 2012 at 19:07, Jeff McCullough <jeffmc at berkeley.edu> wrote:
>>> Quick question...
>>> I've encountered a vendor, Catertrax, that will only accept SAML/SAMLP for version 1.1 and 2.0 assertions. The Shibboleth IdP sends SAML2/SAMLP2 for SAML 2.0 assertions. The vendor sent me a bunch of links proving their point, but I know you all worked on the spec. What gives? Is there a way in the Shib IdP to specify SAML vs SAML2 assertions for a relying-party?
>>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
>> Chad La Joie
>> trusted identities, delivered
>> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
Chad La Joie
trusted identities, delivered
More information about the users