OASIS Security Services (SAML. Defining and maintaining a standard, XML-based framework for creating and exchanging security information between online partners Nathan Klingenstein, ndk@internet2.edu, ChairThomas Hardjono, hardjono@mit.edu, ChairHal Lockhart, hal.lockhart@oracle.com, SecretaryScott Cantor, SecretaryAnil Saldhana, anil.saldhana@redhat.com, Secretary Table of Contents Announcements SAML--Right Here, Right Now Webinar: This webinar from 25 Sept 2012 summarizes the accomplishments of the TC and discusses plans for SAML 2.1.
Download the WMV or PPTX version. Overview The Security Assertion Markup Language (SAML), developed by the Security Services Technical Committee of OASIS, is an XML-based framework for communicating user authentication, entitlement, and attribute information. If you are a manager looking for a high-level overview of SAML, the Executive Overview is recommended. For more information, see the TC Charter and FAQ. Subcommittees No subcommittees have been formed for this TC. TC Liaisons Oblix, Inc. SAML Specifications. Online community for the Security Assertion Markup Language (SAML) OASIS Standard. Impro : SAML을 이용한 SSO Service의 구현. SAML을 이용한 SSO service의 구현. Untimate SSO SAML. ComponentSpace. SAML Profiles All SAML v2.0 profiles are fully supported, acting as either the identity provider or service provider.
Web browser single sign-on (identity provider and service provider initiated) Single logout Artifact resolution Identity provider discovery Authentication, attribute and assertion query Name identifier management and mapping SAML Protocols All SAML v2.0 protocols are fully supported. Create, modify and access SAML protocol messages Serialize SAML messages to and from XML Generate and verify XML signatures (SHA-1 and SHA-256) on SAML messages SAML Bindings All SAML v2.0 bindings are fully supported.
HTTP POST HTTP Redirect HTTP Artifact SOAP PAOS SAML URI SAML Assertions SAML v2.0 assertions are fully supported. Create, modify and access SAML assertions Serialize SAML assertions to and from XML Generate and verify XML signatures (SHA-1 and SHA-256) on SAML assertions Encrypt and decrypt SAML assertions, attributes and identifiers. SAML 2.0. Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.
SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, that is, an identity provider, and a SAML consumer, that is, a service provider. SAML 2.0 enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO), which helps reduce the administrative overhead of distributing multiple authentication tokens to the user.[1] Some 30 individuals from more than two dozen companies and organizations were involved in the creation of SAML 2.0.
In particular, and of special note, Liberty Alliance donated its Identity Federation Framework (ID-FF) specification to OASIS, which became the basis of the SAML 2.0 specification. SAML 2.0 Assertions[edit] SAML 2.0 Protocols[edit] Single Sign-On.