ulex:UserAssertionSAML
A wrapper for a SAML 2.0 user assertion.
Element information
Namespace: http://ulex.gov/ulex/2.0
Schema document: ulex.gov/ulex/2.0/ulex.xsd
Type: ulex:UserAssertionSAMLType
Properties: Global, Qualified
Content
- saml:Assertion [1..1]A SAML assertion is a package of information that supplies zero or more statements made by a SAML authority; SAML authorities are sometimes referred to as asserting parties in discussions of assertion generation and exchange, and system entities that use received assertions are known as relying parties. SAML assertions are usually made about a subject, represented by the "Subject" element. However, the "Subject" element is optional, and other specifications and profiles may utilize the SAML assertion structure to make similar statements without specifying a subject, or possibly specifying the subject in an alternate way. Typically there are a number of service providers that can make use of assertions about a subject in order to control access and provide customized service, and accordingly they become the relying parties of an asserting party called an identity provider.
Attributes
None
Used in
- Type ulex:RequestMessageType
- Type ulexsn:TopicSubscriptionType (Element ulexsn:TopicSubscription)
- Type ulex:DomainRequestMessageType (Element ulex:DomainRequestMessage)
- Type ulexsn:DataItemSubscriptionType (Elements ulexsn:DataItemRetrievalSubscription, ulexsn:DataItemSearchSubscription)
- Type ulex:OriginMetadataType (Elements ulex:RetrievalOriginMetadata, ulex:SearchOriginMetadata)
- Type ulexsn:SubscriptionType (Elements ulexsn:IdenticalSearchSubscription, ulexsn:MatchSubscription, ulexsn:SimilarSearchSubscription)
- Type ulex:SearchRequestMessageType via extension of ulex:RequestMessageType
- Type ulex:AttachmentRequestMessageType via extension of ulex:RequestMessageType (Element ulex:AttachmentRequestMessage)
- Type ulex:AttachmentSearchRequestMessageType via extension of ulex:RequestMessageType (Element ulex:AttachmentSearchRequestMessage)
- Type ulex:DataItemMetadataSearchRequestMessageType via extension of ulex:RequestMessageType (Element ulex:DataItemMetadataSearchRequestMessage)
- Type ulex:DataItemRequestMessageType via extension of ulex:RequestMessageType (Element ulex:DataItemRequestMessage)
- Type ulex:StructuredSearchRequestMessageType via extension of ulex:RequestMessageType (Element ulex:StructuredSearchRequestMessage)
- Type ulex:TextSearchRequestMessageType via extension of ulex:RequestMessageType (Element ulex:TextSearchRequestMessage)
Substitution hierarchy
- ulex:UserAssertionAbstract
- lexs:UserAssertion
- ulex:UserAssertion
- ulex:UserAssertionSAML
Sample instance
<ulex:UserAssertionSAML> <saml:Assertion ID="_5d2d4835eb069818ee291d4a0e11dff2" IssueInstant="2010-01-28T18:51:03.548Z" Version="2.0"> <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"> https://idp.ref.gfipm.net/idp/shibboleth </saml:Issuer> <saml:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"> _a587e69b6d76f7aad403b795c8160b8a </saml:NameID> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <saml:SubjectConfirmationData Address="10.50.14.130" InResponseTo="_d6f2631f57762c11f41dd05bf6310a34" NotOnOrAfter="2010-01-28T18:56:03.548Z" Recipient="https://rhelsp.ref.gfipm.net/Shibboleth.sso/SAML2/POST"/> </saml:SubjectConfirmation> </saml:Subject> <saml:Conditions NotBefore="2010-01-28T18:51:03.548Z" NotOnOrAfter="2010-01-28T18:56:03.548Z"> <saml:AudienceRestriction> <saml:Audience> https://rhelsp.ref.gfipm.net/shibboleth </saml:Audience> </saml:AudienceRestriction> </saml:Conditions> <saml:AuthnStatement AuthnInstant="2010-01-28T18:51:03.452Z" SessionIndex="ad5e97f7afbe0a0372890b3a744f0d8a16dd8ae6621d30cf89a9409c62dbcd0c"> <saml:SubjectLocality Address="10.50.14.130"/> <saml:AuthnContext> <saml:AuthnContextDeclRef> urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport </saml:AuthnContextDeclRef> </saml:AuthnContext> </saml:AuthnStatement> <saml:AttributeStatement> <saml:Attribute Name="gfipm:2.0:user:GivenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> Michael </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:SurName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> Scott </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:FederationId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> GFIPM:IDP:ExampleIDP:USER:ms01 </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:TelephoneNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> 404-555-9876 </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:EmailAddressText" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> ms01@gfipm.net </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:EmployerName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> Dunder Mifflin </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="gfipm:2.0:user:IdentityProviderId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> GFIPM:IDP:ExampleIDP </saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </ulex:UserAssertionSAML>