SAML Concepts: Difference between revisions
| Line 45: | Line 45: | ||
=SAML Protocol= | =SAML Protocol= | ||
<font color=red>Requests and responses for obtaining assertions and doing identity management.</font> | |||
=SAML Assertion= | =SAML Assertion= | ||
Revision as of 01:30, 21 February 2017
Internal
Security Assertion
Subject
Subjects are entities that have identity related information specific to a security domain.
Security Domain
Identity Provider
The Identity Provider (IdP) is.
The Identity Provider is also known as the asserting party.
Service Provider
The Service Provider (SP) is ....
The Service Provider is also known as the relying party.
Trust Relationship
There is a trust relationship between the Identity Provider and and the Service Provider.
SAML Use Cases
Web Browser Single Sign-On
Web browser single sign-on (SSO) among independent but cooperating parties is the most important SAML use case. Another more recent approach to addressing browser SSO is the OpenID Connect protocol.
Attribute-based Authorization
Identity Federation
WS-Security
SAML Profile
A profile is essentially a use case for SAML. If that is true, map to use cases above and coalesce. The profile combines assertions, protocols and bindings to support a specific use case.
SAML Binding
SAML Protocol
Requests and responses for obtaining assertions and doing identity management.
SAML Assertion
Authentication, attribute and entitlement information.
To Deplete
- https://home.feodorov.com:9443/wiki/Wiki.jsp?page=SingleSignOn
- https://home.feodorov.com:9443/wiki/Wiki.jsp?page=PicketLinkSAMLSSO#section-PicketLinkSAMLSSO-Concepts