
Google Search Appliance: Authentication/Authorization for Enterprise SPI Guide
An artifact must not be reusable. Once an artifact is dereferenced, the Identity Provider must reject
attempts to dereference the same artifact again, so that an artifact captured in transit cannot be
replayed to obtain the assertion a second time.
<?xml version="1.0" ?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<samlp:ArtifactResponse ID="amnwsiqxpzamrbl58fce2y1hvgdk3to9"
InResponseTo="
_19abdb7e3ada0f44ba2935c8ab53ef54"
IssueInstant="2010-07-16T02:05:06Z" Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" >
<saml:Issuer>
myauthn
</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
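<!-- Inner SAML Response carried by the ArtifactResponse. The saml and samlp
     prefixes are bound on the enclosing samlp:ArtifactResponse start tag.
     Attribute values and text values are kept on a single line: a line break
     inside an attribute value is normalized to a space by the parser, and
     whitespace around an Issuer, NameID or Audience value can defeat an exact
     string comparison on the consuming side.
     NOTE(review): no ds:Signature element appears in this sample; confirm in
     the guide how the Identity Provider is authenticated on the artifact
     resolution channel. -->
<samlp:Response ID="mo1sijfykc8mwn7eu9lbzpr2va6godhx"
                IssueInstant="2010-07-16T02:05:06Z" Version="2.0"
                Destination="https://gsa.yourdomain.com/security-manager/samlassertionconsumer">
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <!-- The start tag carries the saml prefix so that it matches the
       saml:Assertion end tag. -->
  <saml:Assertion ID="aup1f3hnzo7gv9kwrds86abc45jxqtye"
                  IssueInstant="2010-07-16T02:05:06Z" Version="2.0">
    <saml:Issuer>myauthn</saml:Issuer>
    <saml:Subject>
      <saml:NameID>user1</saml:NameID>
      <!-- Bearer confirmation: whoever presents the assertion is accepted as
           the subject, so the three attributes below are what limit its use.
           InResponseTo ties the assertion to the request it answers,
           Recipient names the only endpoint it may be delivered to, and
           NotOnOrAfter ends its validity five seconds after IssueInstant. -->
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData
            InResponseTo="_33d9a01b3dd314c6bc394c420fc0857a"
            NotOnOrAfter="2010-07-16T02:05:11Z"
            Recipient="https://gsa.yourdomain.com/security-manager/samlassertionconsumer"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <!-- Validity window of the assertion itself (same five seconds), plus the
         audience it is intended for; a consumer outside this audience should
         not accept the assertion. -->
    <saml:Conditions NotBefore="2010-07-16T02:05:06Z"
                     NotOnOrAfter="2010-07-16T02:05:11Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://google.com/enterprise/gsa/T2-I02BQQ2PYJSJT/security-manager</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <!-- States when and by which class of mechanism the user authenticated. -->
    <saml:AuthnStatement AuthnInstant="2010-07-16T02:05:06Z"
                         SessionIndex="aup1f3hnzo7gv9kwrds86abc45jxqtye">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
  </saml:Assertion>
</samlp:Response>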