On 3/21/2006 10:10 PM, "Robert Yates" <[EMAIL PROTECTED]> wrote:
> Jeff Hodges wrote: > >> Robert Yates wrote: >>> SAML can only do Web Services >> >> Incorrect -- and where did that notion come from? >> >> The web browser SSO profile of SAML [1], employing either the SAML >> HTTP Redirect Binding or the HTTP POST Binding [2], are essentially >> RESTful, AFAIU. > > agreed, but i think you may be quoting me out of context :). What I'm > trying to state is that SAML cannot be used with non-browser REST based > web services such as the atom publishing protocol. > As near as I can discern from atom-pub [1], it is, at it's heart, webDAV for ATOM-based representations. Which means a feed reader/editor is, by definition, an HTTP(s) user agent. The present atom-pub ID is ambiguous for UA support for 3xx class response codes (which would be required for the HTTP redirect binding). The POST binding carries no such dependencies on HTTP 3xx responses however. SAML POST only requires access to the POST and GET verbs of HTTP, and for convenience, support for response codes 3xx (redirect response codes), but those are not MTI for SAML POST to properly function. The defense RESTs ;-) =peterd (http://xri.net/=peterd) [1] http://www.ietf.org/internet-drafts/draft-ietf-atompub-protocol-08.txt _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
