Several bugs and changes in SAML engine (Bernd Zwattendorfer)

Anonymous (not verified)
Published on: 12/02/2010 Discussion Archived

- I would recommend renaming the namespace "urn:eu:stork:names:tc:STORK:1.0:stork" to "urn:eu:stork:names:tc:STORK:1.0:protocol" for "storkp". This is much more similar to the naming convention in SAML.
- The "Extensions" element of SAML protocol messages belongs to the wrong namespace (SAML metadata instead of SAML protocol). It should also carry the "saml2p" prefix and not the stork prefix.
- The elements "RequestedAttribute" belong to the "storkp" namespace whereas they are specified in the "stork" namespace.
- Within the element "RequestedAttribute" the XML attribute "isRequired" is misspelled ("isRequiered" instead of "isRequired").
- The element "AttributeValue" in "RequestedAttribute" should also be in the "stork" namespace (In the current STORK interface specification it is in the SAML namespace but this is against the SAML 2.0 spec - I have already sent an RFC for that).
- The attribute "Format" in the <saml2:NameID> attribute should be "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" instead of "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified".
- The attribute "NotBefore" in the element <saml2:SubjectConfirmationData> is not allowed in the SAML SSO-Profile.
- Within the <saml2:Attribute> element the STORK specific attribute "stork:AttributeStatus" is missing.



Hardware: All
Product: None
Operating System: All
Component: SAML engine
Version: None
Severity: normal
Resolution: None

Category: Bugs
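
A lint for four of the defects listed in this report (the `Extensions` namespace, the `isRequiered` misspelling, `NotBefore` on `SubjectConfirmationData`, and the missing `AttributeStatus`), as an added example that is not part of the report or of the STORK SAML engine. The sample messages are constructed, the STORK namespace URIs in them are placeholders, and the function names and finding codes are hypothetical.

```python
import xml.etree.ElementTree as ET

SAML2P = "urn:oasis:names:tc:SAML:2.0:protocol"   # saml2p prefix
SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"   # saml2 prefix

def split(tag):
    """Split ElementTree's '{namespace}local' name into (namespace, local)."""
    ns, _, local = tag[1:].partition("}") if tag.startswith("{") else ("", "", tag)
    return ns, local

def lint(xml_text):
    """Return the sorted finding codes for one SAML protocol message."""
    root = ET.fromstring(xml_text)
    found = set()
    # Extensions directly under a protocol message must be saml2p:Extensions.
    for child in root:
        ns, local = split(child.tag)
        if local == "Extensions" and ns != SAML2P:
            found.add("extensions-wrong-namespace")
    for el in root.iter():
        ns, local = split(el.tag)
        if local == "RequestedAttribute" and "isRequiered" in el.attrib:
            found.add("isRequired-misspelled")
        if (ns, local) == (SAML2, "SubjectConfirmationData") and "NotBefore" in el.attrib:
            found.add("notbefore-on-subjectconfirmationdata")
        # Matched by local name only: the stork namespace URI is not on the page.
        if (ns, local) == (SAML2, "Attribute") and not any(
                split(k)[1] == "AttributeStatus" for k in el.attrib):
            found.add("attributestatus-missing")
    return sorted(found)

# Constructed samples; "urn:example:storkp" is a placeholder namespace URI.
REQUEST = """<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:storkp="urn:example:storkp">
  <md:Extensions><storkp:RequestedAttributes>
    <storkp:RequestedAttribute Name="exampleAttribute" isRequiered="true"/>
  </storkp:RequestedAttributes></md:Extensions>
</saml2p:AuthnRequest>"""
RESPONSE = """<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Assertion>
  <saml2:Subject><saml2:SubjectConfirmation>
    <saml2:SubjectConfirmationData NotBefore="2010-02-12T10:00:00Z"/>
  </saml2:SubjectConfirmation></saml2:Subject>
  <saml2:AttributeStatement><saml2:Attribute Name="exampleAttribute"/>
  </saml2:AttributeStatement></saml2:Assertion></saml2p:Response>"""

if __name__ == "__main__":
    for name, doc in (("request", REQUEST), ("response", RESPONSE)):
        print(name, lint(doc))
```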