Development #45
Add an utility function to complete an AuthnResponse with the IP adresse of the client
0%
Description
See page 19 of document saml-core-2.0-os.pdf ("Assertions and Protocols for the
OASIS Security Assertion Markup Language (SAML) V2.0")
Extracted from the referenced page (page 19 of document saml-core-2.0-os.pdf)
Attributes:
« Address [Optional]
733
The network address/location from which an attesting entity can present
the assertion. For example,
734
this attribute might be used to bind the assertion to particular client
addresses to prevent an attacker
735
from easily stealing and presenting the assertion from another location.
IPv4 addresses SHOULD be
736
represented in the usual dotted-decimal format (e.g., "1.2.3.4"). IPv6
addresses SHOULD be
737
represented as defined by Section 2.2 of IETF RFC 3513 [RFC 3513] (e.g.,
738
"FEDC:BA98:7654:3210:FEDC:BA98:7654:3210").
739 »
History
Updated by Benjamin Dauvergne about 14 years ago
The API should be
void lasso_saml2_authn_statement_set_subject_locality_address(LassoSaml2AuthnStatement *authn_statement, const char *address);
void lasso_saml2_authn_statement_set_subject_locatlity_dnsname(LassoSaml2AuthnStatement *authn_statement, const char *dnsname);
on the checking side there is a need for:
LassoSaml2ValidationState lasso_saml2_authn_statement_check_subject_locality_address(LassoSaml2AuthnStatement *authn_statement, const char *address;
LassoSaml2ValidationState lasso_saml2_authn_statement_check_subject_locality_dnsname(LassoSaml2AuthnStatement *authn_statement, const char *address;
Updated by Benjamin Dauvergne about 14 years ago
- Category set to SAMLv2
- Target version changed from future to 2.4.0