Provide Endpoint for ECP wrapped assertions
If an app want to use k2k, then the keystone SP is probably setup to leverage ECP SAML assertions.
Currently, the SAML assertion that is generated by the IdP keystone does not contain the ECP related bits, such as:
<soap11:Envelope xmlns:soap11="http://
<soap11:Header>
</soap11:
<soap11:Body>
</soap11:Body>
</soap11:Envelope>
we should add these into the saml generator code so that a client can simply get a SAML assertion from his token, and pass that assertion directly to a remote keystone.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Medium
- Drafter:
- Morgan Fainberg
- Direction:
- Approved
- Assignee:
- Steve Martinelli
- Definition:
- Approved
- Series goal:
- Accepted for kilo
- Implementation:
- Implemented
- Milestone target:
- 2015.1.0
- Started by
- Thierry Carrez
- Completed by
- Steve Martinelli
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Add relay_state_prefix to Service Provider
Addressed by: https:/
Add API to create ecp wrapped saml assertion
Gerrit topic: https:/
Addressed by: https:/
Add a relay_state_prefix to the service provider resource
Gerrit topic: https:/
Addressed by: https:/
Endpoint to generate ECP assertions