Authentication context refers to information added to a SAML Authentication Assertion regarding details of the technology used for the actual authentication action. This information might include the method of authentication (HTTP Basic or Safeword), the process followed in the issuance of the identity (for example, web self-registration), and any other characteristics that may be relevant to the SAML assertion consumer. The following XML example describes a user having authenticated with a password over an SSL-protected session:
<?xml version="1.0" encoding="UTF-8" ?> <AuthenticationContextStatement> <AuthenticationMethod> <PrincipalAuthenticationMethod> <Password> <Length min="3"/> </Password> </PrincipalAuthenticationMethod> <AuthenticatorTransportProtocol> <SSL/> </AuthenticatorTransportProtocol> </AuthenticationMethod> <AuthenticationContextStatement> |