2

I would like the client to connect to an STS to obtain a SAML token and use it to authenticate itself to a service, but I want the token to contain more information than the standard SAML token. I would also like to avoid using transport-level security. In a sense it will be very similar to a Kerberos ticket having the session key.

Is this possible?

  • I think SAML 2.0 supports [tag:xml-encryption]. See http://stackoverflow.com/questions/5423501/can-you-do-symmetric-encryption-on-saml-attributes-in-saml-2-0. – pd40 Sep 06 '12 at 11:19

1 Answer

0

Yes, definitely possible. I've seen SAML holder-of-key with symmetric encryption being applied in one place.

martijno
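An added example, not part of the original question or answer: a receiving-side check that a SAML 2.0 assertion uses holder-of-key confirmation with the symmetric proof key wrapped in an `xenc:EncryptedKey`, which is what matters when there is no transport-level security. The sample assertion, issuer URL, attribute and function names are constructed assumptions; the sketch does not verify the STS signature or unwrap the key, which a real service must do before trusting any of this.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#",
      "xenc": "http://www.w3.org/2001/04/xmlenc#"}
HOK = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"

# Constructed sample: signature omitted, CipherValue is a placeholder.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" ID="_constructed" Version="2.0">
  <saml:Issuer>https://sts.example.test</saml:Issuer>
  <saml:Subject>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
      <saml:SubjectConfirmationData><ds:KeyInfo><xenc:EncryptedKey>
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>
      </xenc:EncryptedKey></ds:KeyInfo></saml:SubjectConfirmationData>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:AttributeStatement><saml:Attribute Name="department">
    <saml:AttributeValue>payments</saml:AttributeValue>
  </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

def describe(assertion_xml):
    """Return (subject-confirmation kind, extra attributes) for a SAML 2.0 assertion."""
    root = ET.fromstring(assertion_xml)
    kind = "no-subject-confirmation"
    for sc in root.findall("saml:Subject/saml:SubjectConfirmation", NS):
        key_info = sc.find("saml:SubjectConfirmationData/ds:KeyInfo", NS)
        if sc.get("Method") != HOK:
            kind = "not-holder-of-key"   # e.g. bearer: no proof of possession
        elif key_info is None:
            kind = "hok-without-key"
        elif key_info.find("xenc:EncryptedKey", NS) is not None:
            kind = "hok-encrypted-symmetric-key"
            break                        # the form the scenario above needs
        else:
            kind = "hok-other-key"       # e.g. a public key or key reference
    attrs = {a.get("Name"): [v.text for v in a.findall("saml:AttributeValue", NS)]
             for a in root.findall("saml:AttributeStatement/saml:Attribute", NS)}
    return kind, attrs

def acceptable(assertion_xml):
    """Policy for this scenario: only a wrapped symmetric proof key passes."""
    return describe(assertion_xml)[0] == "hok-encrypted-symmetric-key"
```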