SAMLv2.0 HTTP POST “SimpleSign” Binding
Defines a SAML HTTP protocol binding, specifically using the HTTP POST method, and not using XML Digital Signature for SAML message data origination authentication. Rather, a “sign the BLOB” technique is employed wherein a conveyed SAML message is treated as a simple octet string if it is signed. Conveyed SAML assertions may be individually signed using XMLdsig. Security is optional in this binding.
Produced by:
Security Services (SAML) TCVoting history:
March 2008
OASIS Standard:
Cite as:
Cite as:
[SAML2.0-binding-simplesign] SAMLv2.0 HTTP POST "SimpleSign" Binding. Edited by Jeff Hodges and Scott Cantor. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign.html.