[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Blended Authentication (AKA "Granular Access Control")
Thanks Jeff. I'm going to investigate this further from a SAML perspective, particularly in regard to how claim #2 can specifically be represented. Kind Regards, Joe Chiusano Booz | Allen | Hamilton Jeff Greif wrote: > > I think the implication is that the claims are something like: > 1. I'm Joe Bloggs. > 2. I got through the security checks at System A > > Jeff > ----- Original Message ----- > From: "Chiusano Joseph" <chiusano_joseph@b...> > To: "Cavnar-Johnson John" <JCavnar-Johnson@s...> > Cc: <xml-dev@l...> > Sent: Wednesday, May 07, 2003 12:51 PM > Subject: Re: Blended Authentication (AKA "Granular Access > Control") > > > <Quote1> > > According to the WS-Trust spec, "a web service can require that an > > incoming message prove a set of claims." These claims are not limited > > merely to identity, but can include the user's principal (or security > > context) > > </Quote1> > > > > Can you take this one step further and explain how this would apply to > > the presented scenario? In other words, how would the identity of SYSTEM > > A be brought into the picture (allowing SYSTEM A to really be considered > > a "user")? And how does it relate to the possibility of more granular > > security at (for example) the WSDL Operation level? > > begin:vcard n:Chiusano;Joseph tel;work:(703) 902-6923 x-mozilla-html:FALSE url:www.bah.com org:Booz | Allen | Hamilton;IT Digital Strategies Team adr:;;8283 Greensboro Drive;McLean;VA;22012; version:2.1 email;internet:chiusano_joseph@b... title:Senior Consultant fn:Joseph M. Chiusano end:vcard
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|