This link has been bookmarked by 50 people. It was first bookmarked on 08 Sep 2006, by titi.
-
16 Apr 13
-
01 Apr 12
-
SAML protocol refers to what is transmitted
-
Assertion A was issued at time t by issuer R regarding subject S provided conditions C are valid
-
Assertions contain statements that service providers use to make access-control decisions
-
Three types of statements are provided by SAML
-
SAML assertions are usually transferred from identity providers to service providers
-
Authentication statements assert to the service provider that the principal did indeed authenticate with the identity provider at a particular time using a particular method of authentication
-
An attribute statement asserts that a subject is associated with certain attributes
-
An authorization decision statement asserts that a subject is permitted to perform action A on resource R given evidence E.
-
-
07 May 10
-
24 Mar 10
-
02 Feb 10
-
02 Jan 10
-
29 Oct 09
-
21 May 09
-
17 Apr 09
-
02 Apr 09
-
24 Feb 09
-
04 Feb 09
-
03 Feb 09
-
19 Dec 08
Jeff Clough: Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorization data between security domains, that is, between an identity provider (a producer of assertions) and a service provider (a consumer of assert
-
30 Oct 08
-
15 Sep 08
-
05 Jun 08
-
23 Apr 08
-
27 Mar 08
-
27 Feb 08
-
26 Feb 08
-
22 Feb 08
-
15 Jan 08
-
Liberty described a circle of trust, where each participating domain is trusted to accurately document the processes used to identify a user, the type of authentication system used, and any policies associated with the resulting authentication credentials. Other members of the circle of trust may examine these policies to determine whether to trust such information.
-
Thus in March 2005, SAML V2.0 was announced as an OASIS Standard. SAML V2.0 represents the convergence of Liberty ID-FF and other proprietary extensions, as well as early versions of SAML itself.
-
The term SAML Core refers to the general syntax and semantics of SAML assertions as well as the protocol used to request and transmit those assertions from one system entity to another.
-
SAML protocol refers to what is transmitted, not how (the latter is determined by the choice of binding).
-
A SAML binding determines how SAML requests and responses map onto standard messaging or communications protocols. An important (synchronous) binding is the SAML SOAP binding.
-
Three types of statements are provided by SAML:
- Authentication statements
- Attribute statements
- Authorization decision statements
-
The most important type of SAML protocol request is called a query. A service provider makes a query directly to an identity provider over a secure back channel. Thus query messages are typically bound to SOAP.
-
Corresponding to the three types of statements, there are three types of SAML queries:
- Authentication query
- Attribute query
- Authorization decision query
-
A SAML binding is a mapping of a SAML protocol message onto standard messaging formats and/or communications protocols. For example, the SAML SOAP binding specifies how a SAML message is encapsulated in a SOAP envelope, which itself is bound to an HTTP message.
-
SAML 2.0 completely separates the binding concept from the underlying profile. In fact, there is a brand new binding specification in SAML 2.0 that defines the following standalone bindings:
- SAML SOAP Binding (based on SOAP 1.1)
- Reverse SOAP (PAOS) Binding
- HTTP Redirect (GET) Binding
- HTTP POST Binding
- HTTP Artifact Binding
- SAML URI Binding
-
-
06 Dec 07
-
04 Oct 07
-
12 Jul 07
-
01 Mar 07
-
15 Jan 07
-
04 Oct 06
-
08 Sep 06