Saturday 8 August 2015

SAML : SubjectConfirmationData element

The SubjectConfirmationData element contains additional confirmation information to be used by a specific confirmation method.

The SubjectConfirmationData element contains the following attributes.

| Attribute | Description | Required |
|---|---|---|
| NotBefore | Time value encoded in UTC; specifies the time instant before which the subject cannot be confirmed. | Optional |
| NotOnOrAfter | Time value encoded in UTC; specifies the time instant at which the subject can no longer be confirmed. | Optional |
| Recipient | A URI specifying the entity or location to which an attesting entity can present the assertion. It identifies the recipient of the assertion. | Optional |
| InResponseTo | The ID of a SAML protocol message in response to which an attesting entity can present the assertion. | Optional |
| Address | The network address/location from which an attesting entity can present the assertion. IPv4 addresses are represented in dotted decimal format, like 123.234.129.2. IPv6 addresses are represented like BA98:7654:FEDC:3210:FEDC:BA98:7654:3452. | Optional |

Note:
The time period specified by the optional NotBefore and NotOnOrAfter attributes, if present, SHOULD fall within the overall assertion validity period as specified by the <Conditions> element's NotBefore and NotOnOrAfter attributes. If both attributes are present, the value for NotBefore MUST be less than (earlier than) the value for NotOnOrAfter.
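The attribute checks from the list and note above, written out as a relying-party validation routine. This is an added example, not code from the original post; the function name `check_scd`, the sample assertion, the endpoint URL, the request ID and the 30-second clock-skew allowance are assumptions, and the assertion's signature is assumed to have been verified beforehand.

```python
import ipaddress
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = "{urn:oasis:names:tc:SAML:2.0:assertion}"
# Constructed sample assertion (not from the page); its signature is assumed already verified.
SAMPLE = """<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1">
 <Subject><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
  <SubjectConfirmationData NotBefore="2015-08-08T10:00:00Z" InResponseTo="_req42"
    NotOnOrAfter="2015-08-08T10:05:00Z" Recipient="https://sp.example.com/acs"
    Address="BA98:7654:FEDC:3210:FEDC:BA98:7654:3452"/></SubjectConfirmation></Subject>
 <Conditions NotBefore="2015-08-08T09:59:00Z" NotOnOrAfter="2015-08-08T10:10:00Z"/>
</Assertion>"""

def _utc(value):
    # SAML times are UTC; accept a trailing "Z" and treat a bare value as UTC.
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def check_scd(xml_text, acs_url, request_id, client_ip, now, skew=timedelta(seconds=30)):
    """Return a list of problems; empty means every attribute that is present passed."""
    root = ET.fromstring(xml_text)
    scd = root.find(f".//{NS}SubjectConfirmationData")
    if scd is None:
        return ["no SubjectConfirmationData"]
    cond = getattr(root.find(f"{NS}Conditions"), "attrib", {})
    nb, noa = scd.get("NotBefore"), scd.get("NotOnOrAfter")
    out = []
    if nb and noa and not _utc(nb) < _utc(noa):
        out.append("NotBefore must be earlier than NotOnOrAfter")
    if nb and now + skew < _utc(nb):
        out.append("not yet confirmable")
    if noa and now - skew >= _utc(noa):
        out.append("no longer confirmable")
    # Note on the page: the window SHOULD fall inside the <Conditions> window.
    if (nb and "NotBefore" in cond and _utc(nb) < _utc(cond["NotBefore"])) or \
       (noa and "NotOnOrAfter" in cond and _utc(noa) > _utc(cond["NotOnOrAfter"])):
        out.append("window outside Conditions validity")
    if scd.get("Recipient") not in (None, acs_url):
        out.append("Recipient mismatch")
    if scd.get("InResponseTo") not in (None, request_id):
        out.append("InResponseTo mismatch")
    addr = scd.get("Address")
    try:
        if addr and ipaddress.ip_address(addr) != ipaddress.ip_address(client_ip):
            out.append("Address mismatch")
    except ValueError:
        out.append("Address not comparable")
    return out
```

Attributes that are absent are skipped because the schema marks them optional; a deployment can tighten this by treating a missing Recipient or NotOnOrAfter as a problem.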

The following schema fragment defines SubjectConfirmationData.

<element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType" />
<complexType name="SubjectConfirmationDataType" mixed="true">
  <complexContent>
    <restriction base="anyType">
      <sequence>
        <any namespace="##any" processContents="lax" minOccurs="0"
          maxOccurs="unbounded" />
      </sequence>
      <attribute name="NotBefore" type="dateTime" use="optional" />
      <attribute name="NotOnOrAfter" type="dateTime" use="optional" />
      <attribute name="Recipient" type="anyURI" use="optional" />
      <attribute name="InResponseTo" type="NCName" use="optional" />
      <attribute name="Address" type="string" use="optional" />
      <anyAttribute namespace="##other" processContents="lax" />
    </restriction>
  </complexContent>
</complexType>