Google Search Appliance Authentication/Authorization for Enterprise SPI Guide User Manual
Page 27
Google Search Appliance: Authentication/Authorization for Enterprise SPI Guide
27
The following is an example of a message the search appliance sends to the Policy Decision Point:
POST /authz HTTP/1.1
Host: pdp.yourdomain.com
Content-Type: text/xml
SOAPAction: http://www.oasis-open.org/committees/security
Content-length: nnn
<?xml version="1.0" ?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<samlp:AuthzDecisionQuery ID="kijcfklibdkjeopfobgifdbknijdjgooccdfaigc"
IssueInstant="2010-07-16T02:05:07Z"
Resource="
http://content2.yourdomain.com/doc.html"
Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>
http://google.com/enterprise/gsa/T2-IO2BQQ2PYJSJT
</saml:Issuer>
<saml:Subject>
<saml:NameID>
user1
</saml:NameID>
</saml:Subject>
<saml:Action Namespace="urn:oasis:names:tc:SAML:1.0:action:ghpp">
GET
</saml:Action>
</samlp:AuthzDecisionQuery>
<samlp:AuthzDecisionQuery ID="kaaapjecdbephgcciodkdighcaglaojmejkojblg"
IssueInstant="2010-07-16T02:05:07Z"
Resource="
http://site.yourdomain.com/secure2.html"
Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>
http://google.com/enterprise/gsa/T2-IO2BQQ2PYJSJT
</saml:Issuer>
<saml:Subject>
<saml:NameID>
user1
</saml:NameID>
</saml:Subject>
<saml:Action Namespace="urn:oasis:names:tc:SAML:1.0:action:ghpp">
GET
</saml:Action>
</samlp:AuthzDecisionQuery>
</soapenv:Body>
</soapenv:Envelope>