SAML: Difference between revisions
| Line 21: | Line 21: | ||
* [[SAML Concepts|Concepts]] | * [[SAML Concepts|Concepts]] | ||
* [[SAML Specifications|Specifications]] | |||
Revision as of 01:46, 21 February 2017
External
- Introduction to SAML 2.0 http://www.slideshare.net/koivimik/introduction-to-saml-20
- Core Security Patterns: Identity Management Standards and Technologies, Introduction to SAML http://www.informit.com/articles/article.aspx?p=1398625&seqNum=3
- http://en.wikipedia.org/wiki/SAML
Relevance
SAML 2.0
Overview
SAML stands for Security Assertion Markup Language. It is an XML-based open-standard data format and a set of conventions for exchanging authentication and authorization information between heterogenous parties, designated by the standard as Identity Provider (IdP) and Service Provider (SP). The parties exchange security assertions in a vendor-independent manager.
SAML is an OASIS approved standard. SAML 2.0 specification was released in March 2005. SAML was designed to be flexible and extensible, and as such is used by other standards. It is platform-neutral and vendor-netural.
The most important use case for SAML is web browser single sign-on (SSO) between independent but cooperating parties. Other use cases are attribute-based authorization, identity federation and WS-Security