SAML: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 18: Line 18:
The most important use case for SAML is [[SAML_Concepts#Web_Browser_Single_Sign-On|web browser single sign-on (SSO)]] between independent but cooperating parties. Other use cases are [[SAML_Concepts#Attribute-based_Authorization|attribute-based authorization]], [[SAML_Concepts#Identity_Federation|identity federation]] and [[SAML_Concepts#WS-Security|WS-Security]].  
The most important use case for SAML is [[SAML_Concepts#Web_Browser_Single_Sign-On|web browser single sign-on (SSO)]] between independent but cooperating parties. Other use cases are [[SAML_Concepts#Attribute-based_Authorization|attribute-based authorization]], [[SAML_Concepts#Identity_Federation|identity federation]] and [[SAML_Concepts#WS-Security|WS-Security]].  


SAML use cases are defined as [[SAML_Concepts#SAML_Profile|profiles]]. A profile combines [[SAML_Concepts#SAML_Assertion|assertions]], [[SAML_Concepts#SAML_Protocol|protocols]] and [[SAML_Concepts#SAML_Binding|bindings]] to support a specific use case.
SAML use cases are defined by the standard documents as [[SAML_Concepts#SAML_Profile|profiles]]. A profile combines [[SAML_Concepts#SAML_Assertion|assertions]], [[SAML_Concepts#SAML_Protocol|protocols]] and [[SAML_Concepts#SAML_Binding|bindings]] to support a specific use case.


=Subjects=
=Subjects=

Revision as of 02:04, 21 February 2017

External

Relevance

SAML 2.0

Overview

SAML stands for Security Assertion Markup Language. It is an XML-based open-standard data format and a set of conventions for exchanging authentication and authorization information between heterogenous parties, designated by the standard as Identity Provider (IdP) and Service Provider (SP). The parties exchange security assertions in a vendor-independent manager. However, SAML does not specifies the underlying user authentication mechanism.

SAML is an OASIS approved standard. SAML 2.0 specification was released in March 2005. SAML was designed to be flexible and extensible, and as such is used by other standards. It is platform-neutral and vendor-netural.

The most important use case for SAML is web browser single sign-on (SSO) between independent but cooperating parties. Other use cases are attribute-based authorization, identity federation and WS-Security.

SAML use cases are defined by the standard documents as profiles. A profile combines assertions, protocols and bindings to support a specific use case.

Subjects