A requesting party uses AuthenticationQuery, AttributeQuery, and AuthorizationDecisionQuery tags within a <samlp:Request> to ask for assertions about a particular entity from a SAML authority. Following is an example request containing an attribute query.
<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.1:protocol" RequestID="s9c4a43c0265e904ca86f43c3e30034dd56582a79" MajorVersion="1" MinorVersion="1" IssueInstant="2006-01-09T11:33:48Z"> <samlp:AttributeQuery> <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:1.1:assertion"> <saml:NameIdentifier NameQualifier="dc=example,dc=com">uid=amadmin,dc=example,dc=com</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:com:sun:identity</saml:ConfirmationMethod> <saml:SubjectConfirmationData> </saml:SubjectConfirmationData> </saml:SubjectConfirmation> </saml:Subject> </samlp:AttributeQuery> </samlp:Request> |