Project

General

Profile

Development #45

Add an utility function to complete an AuthnResponse with the IP adresse of the client

Added by Benjamin Dauvergne about 9 years ago. Updated almost 4 years ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Category:
SAMLv2
Target version:
Start date:
21 May 2010
Due date:
% Done:

0%

Estimated time:
2.00 h
Patch proposed:
Planning:
No

Description

See page 19 of document saml-core-2.0-os.pdf ("Assertions and Protocols for the
OASIS Security Assertion Markup Language (SAML) V2.0")

Extracted from the referenced page (page 19 of document saml-core-2.0-os.pdf)

Attributes:
« Address [Optional]
733
The network address/location from which an attesting entity can present
the assertion. For example,
734
this attribute might be used to bind the assertion to particular client
addresses to prevent an attacker
735
from easily stealing and presenting the assertion from another location.
IPv4 addresses SHOULD be
736
represented in the usual dotted-decimal format (e.g., "1.2.3.4"). IPv6
addresses SHOULD be
737
represented as defined by Section 2.2 of IETF RFC 3513 [RFC 3513] (e.g.,
738
"FEDC:BA98:7654:3210:FEDC:BA98:7654:3210").
739 »

History

#1 Updated by Benjamin Dauvergne almost 9 years ago

The API should be

void lasso_saml2_authn_statement_set_subject_locality_address(LassoSaml2AuthnStatement *authn_statement, const char *address);
void lasso_saml2_authn_statement_set_subject_locatlity_dnsname(LassoSaml2AuthnStatement *authn_statement, const char *dnsname);

on the checking side there is a need for:

LassoSaml2ValidationState lasso_saml2_authn_statement_check_subject_locality_address(LassoSaml2AuthnStatement *authn_statement, const char *address;
LassoSaml2ValidationState lasso_saml2_authn_statement_check_subject_locality_dnsname(LassoSaml2AuthnStatement *authn_statement, const char *address;

#2 Updated by Benjamin Dauvergne almost 9 years ago

  • Target version changed from future to 2.4.0
  • Category set to SAMLv2

#3 Updated by Benjamin Dauvergne about 7 years ago

  • Assignee deleted (Benjamin Dauvergne)

#4 Updated by Benjamin Dauvergne almost 4 years ago

  • Target version changed from 2.4.0 to future

Also available in: Atom PDF