Hi;
As per [1];
4.2.3 tokenType (optional)
--------------------------
This parameter specifies the type of the token to be requested from the
STS as a URI. This parameter can be omitted if the STS and the web site
front-end have a mutual understanding about what token type will be
provided or if the web site is willing to accept any token type.
Since this is optional, shall we default [when it's being omitted by the
RP] it to the value;
urn:oasis:names:tc:SAML:1.0:assertion
Current functionality expects a value for the 'tokenType' and once not
provided throws an exception for invalid token type.
Thanks & regards.
- Prabath
[1]: http://msdn2.microsoft.com/en-us/library/aa480726.aspx
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
