Password
This element indicates that a password (or passphrase)
has been used to
authenticate the Principal to a remote system.
Element information
Namespace: None
Schema document: saml-2.0-os/saml-schema-authn-context-types-2.0.xsd
Type: PasswordType
Properties: Global, Qualified
Content
- Sequence [1..1]
- Length [0..1] This element indicates the minimum and/or maximum ASCII length of the password which is enforced (by the UA or the IdP). In other words, this is the minimum and/or maximum number of ASCII characters required to represent a valid password. min - the minimum number of ASCII characters required in a valid password, as enforced by the UA or the IdP. max - the maximum number of ASCII characters required in a valid password, as enforced by the UA or the IdP.
- Alphabet [0..1]
- Generation [0..1] Indicates whether the password was chosen by the Principal or auto-supplied by the Authentication Authority. principalchosen - the Principal is allowed to choose the value of the password. This is true even if the initial password is chosen at random by the UA or the IdP and the Principal is then free to change the password. automatic - the password is chosen by the UA or the IdP to be cryptographically strong in some sense, or to satisfy certain password rules, and that the Principal is not free to change it or to choose a new password.
- Extension [0..*]
Attributes
| Name | Occ | Type | Description | Notes |
|---|---|---|---|---|
| ExternalVerification | [0..1] | xsd:anyURI |
Used in
- Group AuthenticatorChoiceGroup
- Group AuthenticatorSequenceGroup
- Type AuthenticatorBaseType via reference to AuthenticatorChoiceGroup (Element Authenticator)
- Type AuthenticatorBaseType via reference to AuthenticatorSequenceGroup (Element Authenticator)
- Type ComplexAuthenticatorType via reference to AuthenticatorChoiceGroup (Element ComplexAuthenticator)
- Type ComplexAuthenticatorType via reference to AuthenticatorSequenceGroup (Element ComplexAuthenticator)
- Type PrincipalAuthenticationMechanismType (Element PrincipalAuthenticationMechanism)
Sample instance
<Password> <Length min="1"/> <Alphabet requiredChars="string"/> <Generation mechanism="principalchosen"/> <Extension> <!--any element--> </Extension> </Password>