Lasso Reference Manual | ||||
---|---|---|---|---|
Top | Description |
Synopsis
struct LassoLibAssertion; LassoLibAssertion * lasso_lib_assertion_new (void
); LassoLibAssertion * lasso_lib_assertion_new_full (const char *issuer
,const char *requestID
,const char *audience
,const char *notBefore
,const char *notOnOrAfter
);
Description
Authentication assertions provided in an AuthnResponse element MUST be of type AssertionType, which is an extension of saml:AssertionType, so that the RequestID attribute from the original AuthnRequest MAY be included in the InResponseTo attribute in the Assertion element. This is done because it is not required that the AuthnResponse element itself be signed. Instead, the individual Assertion elements contained MUST each be signed. Note that it is optional for the InResponseTo to be present. Its absence indicates that the AuthnResponse has been unilaterally sent by the identity provider without a corresponding AuthnRequest message from the service provider. If the attribute is present, it MUST be set to the RequestID of the original AuthnRequest.
Figure 1. Schema fragment for lib:Assertion
<xs:element name="Assertion" type="AssertionType" substitutionGroup="saml:Assertion" /> <xs:complexType name="AssertionType"> <xs:complexContent> <xs:extension base="saml:AssertionType"> <xs:attribute name="InResponseTo" type="xs:NCName" use="optional"/> </xs:extension> </xs:complexContent> </xs:complexType>
Details
struct LassoLibAssertion
struct LassoLibAssertion { LassoSamlAssertion parent; char *InResponseTo; };
lasso_lib_assertion_new ()
LassoLibAssertion * lasso_lib_assertion_new (void
);
Creates a new LassoLibAssertion object.
Returns : |
a newly created LassoLibAssertion object |
lasso_lib_assertion_new_full ()
LassoLibAssertion * lasso_lib_assertion_new_full (const char *issuer
,const char *requestID
,const char *audience
,const char *notBefore
,const char *notOnOrAfter
);
Creates a new LassoLibAssertion object and initializes its Issuer, InResponseTo, AudienceRestrictionCondition, notBefore and notOnOrAfter fields or attributes.
|
the issuer entityID string |
|
the identifier of the request which initiated the creation of this assertion |
|
the entityID of the receiver of this assertion |
|
a timestamp formatted as iso-8601 |
|
a timestamp formatted as iso-8601 |
Returns : |
a newly created LassoLibAssertion object |