Sample SAML Attribute Request

Credential request 1




TUE



Name=”John”



doctor



This query says: TUE asks an entity (the recipient of the request) if John has attribute doctor.
Notice that tag specifies the issuer of the request (i.e., the requester).
This credential request is translated in POLIPO as cred(X,doctor,’John’), where X (the issuer of a credential) is bound to the entity receiving the request. The credential issuer shall be bound in the PEP.
This query shall return Yes/No answer together with the credential (if answer is yes).

Credential request 2




TUE



Name=”John”



This query says: TUE asks an entity (the recipient of the request) which are the attributes of John.
Notice that tag specifies the issuer of the request (i.e., the requester).
This request should be translated in POLIPO as cred(X,Y,’John’), where X (the issuer of a credential) is bound to the entity receiving the request and Y is a variable. The credential issuer shall be bound in the PEP.
This query shall return all the credentials issued by the the request recipient having John as a subject.

Credential request 3




TUE


doctor



This query says: TUE asks an entity (the recipient of the request) which entities have attribute “doctor”.
Notice that tag specifies the issuer of the request (i.e., the requester).
This request should be translated in POLIPO as cred(X,doctor,Y), where X (the issuer) is bound to the entity receiving the request and Y is a variable. The credential issuer shall be bound in the PEP.
This query shall return all the credentials issued by the the request recipient having doctor as an attribute.
Notice that this query does not comply with SAML specification, but it is needed for the TM algorithm. We can assume that if the subject is not specified it is treated as a variable.

Leave a Reply

Your email address will not be published. Required fields are marked *