...
The example shown is sufficient for the case of a bearer assertion, or if the Portlet can authenticate with a TLS client certificate. If a digital signature is required, a <ds:Signature>
would appear in the <wsse:Security>
header, with references to each SOAP header and the body. Each header would carry a wsu:Id
attribute to allow it to be referenced. This is a significantly more complex option to implement, with the advantage of not requiring client TLS support on the IdP.
...
Include Page | ||||
---|---|---|---|---|
|