Re: [OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Richer, Justin P.
n this case. Am I right? Wishes, Manfred From: Anthony Nadalin [mailto:tony...@microsoft.com] Sent: Friday, 19 July 2013 18:12 To: Prateek Mishra; Manfred Steyer Cc: oauth@ietf.org Subject: RE: [OAUTH-WG] SAML-l

Re: [OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Prateek Mishra
Hi Manfred, This is an area of interest to us and we have done some profiling in our implementation. Generally speaking, we work with the assertion profiles as a starting point. They allow for WS-Trust like token exchanges and (implicitly) support ActAs or OnBehalfOf. But they do need additi

Re: [OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Anthony Nadalin
July 19, 2013 9:03 AM To: Manfred Steyer Cc: oauth@ietf.org Subject: Re: [OAUTH-WG] SAML-like ActAs Hi Manfred, This is an area of interest to us and we have done some profiling in our implementation. Generally speaking, we work with the assertion profiles as a starting point. They allow f

Re: [OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Justin Richer
e can include custom claims, which can be used for authorisation. What do you think about that? Wishes, Manfred [1] http://openid.net/specs/openid-connect-basic-1_0.html *From:* Justin Richer [mailto:jric...@mitre.org] *Sent:* Friday, 19 July 2013 16:52 *To:* Manfred Steyer *Cc:* oauth@

Re: [OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Justin Richer
While I won't profess to be proficient at SAML, I can say that there have been a couple tries at defining a "chained delegation" grant extension: http://tools.ietf.org/html/draft-richer-oauth-chain-00 http://tools.ietf.org/html/draft-hunt-oauth-chain-01 We've deployed the first one with a coup

[OAUTH-WG] SAML-like ActAs

2013-07-19 Thread Manfred Steyer
Hi, are there plans for supporting delegation styles like ActAs or OnBehalfOf in SAML? If this was possible, a resource server could delegate a subset of the delegated rights to another resource server. This could be a very important thing when one wants to use OAuth 2 within an enterprise