The "[[Microsoft Technology Information Wiki>http://techinfoofmicrosofttech.osscons.jp/]]" is operated by the "[[Open Touryo Project>https://github.com/OpenTouryoProject/]]" and the "[[OSS Consortium .NET Development Infrastructure Working Group>https://www.osscons.jp/dotNetDevelopmentInfrastructure/]]".
-[[Back>SAMLの仕様を読む。]]
* Table of contents [#ad46c7fc]
#contents
*Overview [#z9f38776]
-Read the specification in order to [[implement SAML 2.0>SAMLを実装する。]] in the general-purpose authentication site.
-The target is narrowed to the SP-initiated Web Browser SSO Profile.
-The information recorded here covers the SAML Bindings.
*Details [#e7b6f548]
**HTTP Redirect Binding [#y8ab8bbc]
***Required Information [#e3b491f8]
***Overview [#g6dc0067]
***RelayState [#k05bc8de]
***Message Encoding [#h2a04080]
-DEFLATE Encoding
***Message Exchange [#pf970c8d]
-HTTP and Caching Considerations
-Security Considerations
***Error Reporting [#d6f32744]
***Metadata Considerations [#sda6422b]
***Example SAML Message Exchange Using HTTP Redirect [#m2ac897f]
**HTTP POST Binding [#n7409552]
***Required Information [#e506d9e3]
***Overview [#ba9c4837]
***RelayState [#le12e451]
***Message Encoding [#r153e192]
***Message Exchange [#w2478c85]
-HTTP and Caching Considerations
-Security Considerations
***Error Reporting [#s26fc8a7]
***Metadata Considerations [#u39ef6c4]
***Example SAML Message Exchange Using HTTP POST [#d9380c71]
*References [#r131996d]
https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf
1 Introduction
1.1 Protocol Binding Concepts
1.2 Notation
2 Guidelines for Specifying Additional Protocol Bindings
3 Protocol Bindings
3.1 General Considerations
3.1.1 Use of RelayState
3.1.2 Security
3.1.2.1 Use of SSL 3.0 or TLS 1
3.1.2.2 Data Origin Authentication
3.1.2.3 Message Integrity
3.1.2.4 Message Confidentiality
3.1.2.5 Security Considerations
3.2 SAML SOAP Binding
3.2.1 Required Information
3.2.2 Protocol-Independent Aspects of the SAML SOAP Binding
3.2.2.1 Basic Operation
3.2.2.2 SOAP Headers
3.2.3 Use of SOAP over HTTP
3.2.3.1 HTTP Headers
3.2.3.2 Caching
3.2.3.3 Error Reporting
3.2.3.4 Metadata Considerations
3.2.3.5 Example SAML Message Exchange Using SOAP over HTTP
3.3 Reverse SOAP (PAOS) Binding
3.3.1 Required Information
3.3.2 Overview
3.3.3 Message Exchange
3.3.3.1 HTTP Request, SAML Request in SOAP Response
3.3.3.2 SAML Response in SOAP Request, HTTP Response
3.3.4 Caching
3.3.5 Security Considerations
3.3.5.1 Error Reporting
3.3.5.2 Metadata Considerations
3.4 HTTP Redirect Binding
3.4.1 Required Information
3.4.2 Overview
3.4.3 RelayState
3.4.4 Message Encoding
3.4.4.1 DEFLATE Encoding
3.4.5 Message Exchange
3.4.5.1 HTTP and Caching Considerations
3.4.5.2 Security Considerations
3.4.6 Error Reporting
3.4.7 Metadata Considerations
3.4.8 Example SAML Message Exchange Using HTTP Redirect
3.5 HTTP POST Binding
3.5.1 Required Information
3.5.2 Overview
3.5.3 RelayState
3.5.4 Message Encoding
3.5.5 Message Exchange
3.5.5.1 HTTP and Caching Considerations
3.5.5.2 Security Considerations
3.5.6 Error Reporting
3.5.7 Metadata Considerations
3.5.8 Example SAML Message Exchange Using HTTP POST
3.6 HTTP Artifact Binding
3.6.1 Required Information
3.6.2 Overview
3.6.3 Message Encoding
3.6.3.1 RelayState
3.6.3.2 URL Encoding
3.6.3.3 Form Encoding
3.6.4 Artifact Format
3.6.4.1 Required Information
3.6.4.2 Format Details
3.6.5 Message Exchange
3.6.5.1 HTTP and Caching Considerations
3.6.5.2 Security Considerations
3.6.6 Error Reporting
3.6.7 Metadata Considerations
3.6.8 Example SAML Message Exchange Using HTTP Artifact
3.7 SAML URI Binding
3.7.1 Required Information
3.7.2 Protocol-Independent Aspects of the SAML URI Binding
3.7.2.1 Basic Operation
3.7.3 Security Considerations
3.7.4 MIME Encapsulation
3.7.5 Use of HTTP URIs
3.7.5.1 URI Syntax
3.7.5.2 HTTP and Caching Considerations
3.7.5.3 Security Considerations
3.7.5.4 Error Reporting
3.7.5.5 Metadata Considerations
3.7.5.6 Example SAML Message Exchange Using an HTTP URI
4 References
Appendix A. Registration of MIME media type application/samlassertion+xml
Appendix B. Acknowledgments
Appendix C. Notices
----
Tags: [[IT international standards>:IT国際標準]], [[Authentication infrastructure>:認証基盤]], [[Claims-based authentication>:クレームベース認証]], [[:SAML]]