making an Actor field in a WIF-minted assertion


using the code from my safari-licensed copy of the WIF book.

What we have not seen is any sample of an RP that really showcases use of the Actor field – recalling that the identity therein is that of the webapp itself (vs. the user authenticating to the webapp).

Id expect, for this use case, that the user identity is pretty “generic” – being from any IDP. The RP is happy to handle such identities. However, it wants to do so only when responding to requests from particular tenants of a given webapp.


About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in SSO. Bookmark the permalink.