Saturday, 8 August 2015

SAML : AuthnStatement

Authentication statements are usually generated by a SAML authority called Identity provider, to authenticate users and keep track of other information about users.

AuthnStatement statement contains following attributes.
Attribute
Description
Required
AuthnInstant
Specifies the time at which authentication takes place.
Required
SessionIndex
Specifies the index of a particular session between the principal identified by the subject and the
authenticating authority.
Optional

AuthnStatement contains following elements.
< SubjectLocality>, <AuthnContext>


SubjectLocality specifies the DNS domain name and IP address for the system from which the assertion subject was authenticated.
<element name="AuthnStatement" type="saml:AuthnStatementType" />
<complexType name="AuthnStatementType">
  <complexContent>
    <extension base="saml:StatementAbstractType">
      <sequence>
        <element ref="saml:SubjectLocality" minOccurs="0" />
        <element ref="saml:AuthnContext" />
      </sequence>
      <attribute name="AuthnInstant" type="dateTime" use="required" />
      <attribute name="SessionIndex" type="string" use="optional" />
      <attribute name="SessionNotOnOrAfter" type="dateTime" use="optional" />
    </extension>
  </complexContent>
</complexType>



Prevoius                                                 Next                                                 Home

No comments:

Post a Comment