For the purposes of our use case, we will pass Endpoint References conforming to this profile in a SAML attribute in which the Name of the attribute corresponds to the value found in the EPR's <disco:ServiceType> element. These EPRs will typically be used to identify the endpoint at which the Identity Provider's ID-WSF Single Sign-On Service lives, and how it is secured.

Endpoint Reference Example

A typical EPR might look like this:

<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
  <wsa:Address>https://idp.example.org/idp/profiles/WSF/SSO</wsa:Address>
  <wsa:Metadata xmlns:disco="urn:liberty:disco:2006-08">
    <disco:Abstract>ID-WSF Single Sign-On Service</disco:Abstract>
    <disco:ServiceType>urn:liberty:ssos:2006-08</disco:ServiceType>
    <disco:ProviderID>http://idp.example.org/idp/shibboleth</disco:ProviderID>
    <sbf:Framework xmlns:sbf="urn:liberty:sb" version="2.0"/>
    <disco:SecurityContext>
      <disco:SecurityMechID>urn:liberty:security:2005-02:ClientTLS:peerSAMLV2</disco:SecurityMechID>
      <sec:Token xmlns:sec="urn:liberty:security:2006-08" ref="#ID" usage="urn:liberty:security:tokenusage:2006-08:SecurityToken"/>
    </disco:SecurityContext>
  </wsa:Metadata>
</wsa:EndpointReference>