SAML Web Browser Single Sign-On Profile: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 7: Line 7:
Web browser single sign-on (SSO) among independent but cooperating parties is the most important SAML use case. Another more recent approach to addressing browser SSO is the [[OpenID Connect]] protocol. The SSO implies standard browsers, and multiple service providers. With SAML-based SSO is that a user password never crosses a firewall.
Web browser single sign-on (SSO) among independent but cooperating parties is the most important SAML use case. Another more recent approach to addressing browser SSO is the [[OpenID Connect]] protocol. The SSO implies standard browsers, and multiple service providers. With SAML-based SSO is that a user password never crosses a firewall.


Web browser SSO uses the SAML [[SAML Authentication Request Protocol|Authentication Request protocol]].
Web browser SSO uses the [[SAML Authentication Request Protocol|Authentication Request protocol]], in conjunction with the HTTP Redirect, HTTP POST, and [[SAML HTTP Artifact Binding|HTTP Artifact binding]].
 
=TODO=
 
<font color=red>https://home.feodorov.com:9443/wiki/Wiki.jsp?page=SAMLWebBrowserSSOProfile</font>

Latest revision as of 19:12, 21 February 2017

Internal

Overview

Web browser single sign-on (SSO) among independent but cooperating parties is the most important SAML use case. Another more recent approach to addressing browser SSO is the OpenID Connect protocol. The SSO implies standard browsers, and multiple service providers. With SAML-based SSO is that a user password never crosses a firewall.

Web browser SSO uses the Authentication Request protocol, in conjunction with the HTTP Redirect, HTTP POST, and HTTP Artifact binding.

TODO

https://home.feodorov.com:9443/wiki/Wiki.jsp?page=SAMLWebBrowserSSOProfile