OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Blended Authentication (AKA "Granular Access Control")

[ Lists Home | Date Index | Thread Index ]

I think the implication is that the claims are something like:
  1.  I'm Joe Bloggs.
  2.  I got through the security checks at System A

Jeff
----- Original Message ----- 
From: "Chiusano Joseph" <chiusano_joseph@bah.com>
To: "Cavnar-Johnson John" <JCavnar-Johnson@sark.com>
Cc: <xml-dev@lists.xml.org>
Sent: Wednesday, May 07, 2003 12:51 PM
Subject: Re: [xml-dev] Blended Authentication (AKA "Granular Access
Control")


> <Quote1>
> According to the WS-Trust spec, "a web service can require that an
> incoming message prove a set of claims." These claims are not limited
> merely to identity, but can include the user's principal (or security
> context)
> </Quote1>
>
> Can you take this one step further and explain how this would apply to
> the presented scenario? In other words, how would the identity of SYSTEM
> A be brought into the picture (allowing SYSTEM A to really be considered
> a "user")? And how does it relate to the possibility of more granular
> security at (for example) the WSDL Operation level?
>





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS