SAML 是否必须使用 SOAP 通信?
Is SOAP communication mandatory for SAML?
SOAP 是 SAML 通信的强制要求吗?对于 SP 发起的 SAML,从 saml.xml.org:
- The SP's Assertion Consumer Service now sends a SAML message containing the artifact to the IdP's Artifact Resolution Service endpoint. This exchange is performed using a synchronous SOAP message exchange.
- The IdP's Artifact Resolution Service extracts the MessageHandle from the artifact and locates the original SAML message associated with it. This is then placed inside a SAML message, which is returned to the SP over the SOAP channel.
但是wikipedia提到它是可选的。
On the back channel, SAML specifies the use of SOAP 1.1. The use of SOAP as a binding mechanism is optional, however. Any given SAML deployment will choose whatever bindings are appropriate.
那么哪个是正确的? SP SAML 是否需要 SOAP 才能与 IdP(任何第三方)通信,还是可选的?谢谢
不需要 SOAP。 saml.xml.org 文章指出
For this example, the POST Binding is used to deliver the SAML
message to the IdP and the Artifact Binding is used to return the SAML message containing the assertion to the SP.
本例中使用了工件绑定。当工件绑定用于传输消息时,必须使用不同于用于发送工件的方法的另一种方法来解析它。神器解析方法不能使用浏览器,如重定向或POST。
这仅适用于您使用 Artifact 绑定的情况。如果您使用另一个绑定来传输消息,例如 HTTP 重定向或 POST,则不需要或不需要 SOAP。
SOAP 是 SAML 通信的强制要求吗?对于 SP 发起的 SAML,从 saml.xml.org:
- The SP's Assertion Consumer Service now sends a SAML message containing the artifact to the IdP's Artifact Resolution Service endpoint. This exchange is performed using a synchronous SOAP message exchange.
- The IdP's Artifact Resolution Service extracts the MessageHandle from the artifact and locates the original SAML message associated with it. This is then placed inside a SAML message, which is returned to the SP over the SOAP channel.
但是wikipedia提到它是可选的。
On the back channel, SAML specifies the use of SOAP 1.1. The use of SOAP as a binding mechanism is optional, however. Any given SAML deployment will choose whatever bindings are appropriate.
那么哪个是正确的? SP SAML 是否需要 SOAP 才能与 IdP(任何第三方)通信,还是可选的?谢谢
不需要 SOAP。 saml.xml.org 文章指出
For this example, the POST Binding is used to deliver the SAML message to the IdP and the Artifact Binding is used to return the SAML message containing the assertion to the SP.
本例中使用了工件绑定。当工件绑定用于传输消息时,必须使用不同于用于发送工件的方法的另一种方法来解析它。神器解析方法不能使用浏览器,如重定向或POST。
这仅适用于您使用 Artifact 绑定的情况。如果您使用另一个绑定来传输消息,例如 HTTP 重定向或 POST,则不需要或不需要 SOAP。