Google Search Appliance Authentication/Authorization for Enterprise SPI Guide User Manual
Page 28
Google Search Appliance: Authentication/Authorization for Enterprise SPI Guide
28
In return, the search appliance expects to receive one or more SAML Response elements inside a SOAP
envelope from the Policy Decision Point. The PDP should return the same number of Response
elements to correspond with the number of AuthzDecisionQuery elements that the search appliance
sent in its request. The ordering of the responses within the SOAP envelope does not matter, but the ID
attributes of the AuthzDecisionQueries must be preserved in the Response elements. The following is
an example of a possible response from the Policy Decision Point:
HTTP/1.1 200 OK
Content-Type: text/xml
Content-Length: nnn
IssueInstant="2010-07-16T02:05:08Z" Version="2.0" IssueInstant="2010-07-16T02:05:08Z" Version="2.0"> myauthn user1 Resource=" http://content2.yourdomain.com/doc.html"> GET IssueInstant="2010-07-16T02:05:08Z" Version="2.0" IssueInstant="2010-07-16T02:05:08Z" Version="2.0"> myauthn user1 Resource=" http://site.yourdomain.com/secure2.html">
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">