<samlp:Response>samlp:ResponseType extends samlp:StatusResponseTypeInherited from samlp:StatusResponseType
@ID(required)@InResponseTo(optional)@Version(required)@IssueInstant(required)@Destination(optional)@Consent(optional)
Inherited from samlp:RequestAbstractType
<saml:Issuer>(zero or more) saml:NameIDType extends string@NameQualifier(optional)@SPNameQualifier(optional)@Format(optional)@SPProvidedID(optional)- Content: string
<ds:Signature>(zero or more)<samlp:Extensions>(zero or more) samlp:ExtensionsType, ##other namespace<samlp:Status>(one)<samlp:StatusCode>(one)@Value(required)<samlp:StatusCode>(zero or more) nested...
<samlp:StatusMessage>(zero or more)- Content: string
<samlp:StatusDetail>(zero or more)- Content: elements from ##other namespace
Added as samlp:ResponseType
<saml:Assertion>(zero or more) saml:AssertionType (alternatively<saml:EncryptedAssertion>)@ID(required)@Version(required)@IssueInstant(required)<saml:Issuer>(zero or more) saml:NameIDType extends string@NameQualifier(optional)@SPNameQualifier(optional)@Format(optional)@SPProvidedID(optional)- Content: string
<ds:Signature>(zero or more)<saml:Subject>(zero or more) saml:SubjectType<saml:NameID>saml:NameIDType (could also be either BaseID or EncryptedID) (optional)@NameQualifier(optional)@SPNameQualifier(optional)@Format(optional)@SPProvidedID(optional)- Content: string
<saml:SubjectConfirmation>(zero or more) saml:SubjectConfirmationType extends@Method(required)<saml:NameID>saml:NameIDType (could also be either BaseID or EncryptedID) (optional)@NameQualifier(optional)@SPNameQualifier(optional)@Format(optional)@SPProvidedID(optional)- Content: string
<saml:SubjectConfirmationData>saml:SubjectConfirmationDataType@NotBefore(optional)@NotOnOrAfter(optional)@Recipient(optional)@InResponseTo(optional)@Address(optional)- Content: any element or attribute in ##other namespace
<saml:Conditions>(zero or more) saml:ConditionsType@NotBefore(optional)@NotOnOrAfter(optional)<saml:AudienceRestriction>(zero or more) saml:AudienceRestrictionType<saml:Audience>saml:Audience- Content: URI
<saml:OneTimeUse>(zero or more) saml:OneTimeUseType extends saml:ConditionAbstractType<saml:ProxyRestriction>(zero or more) saml:ProxyRestrictionType extends saml:ConditionAbstractType@Count(optional)<saml:Audience>saml:Audience- Content: URI
- Any element extending saml:ConditionAbstractType
<saml:Advice>(zero or more)<saml:AuthnStatement>(zero or more) saml:AuthnStatementType extends saml:StatementAbstractType@AuthnInstant(required)@SessionIndex(optional)@SessionNotOnOrAfter(optional)<saml:SubjectLocality>(zero or more) saml:SubjectLocalityType@Address(optional)@DNSName(optional)
<saml:AuthnContext>(zero or more) saml:AuthnContextType<saml:AuthnContextClassRef>(optional)<saml:AuthnContextDecl>(zero or more)<saml:AuthnContextDeclRef>(zero or more)<saml:AuthenticatingAuthority>(zero or more)- AuthnContext MUST contain at least one of AuthnContextClassRef, AuthnContextDecl and AuthnContextDeclRef.
<saml:AttributeStatement>(zero or more) saml:AttributeStatementType<saml:Attribute>(zero or more) saml:AttributeType alternatively (saml:EncryptedAttribute)@Name(required)@NameFormat(optional)@FriendlyName(optional)<saml:AttributeValue>(zero or more)
Anatomy of a SAML 2.0 Response
Submitted by Andreas Åkre Solberg [1] on 11 November, 2009 - 09:46
- Login to post comments