The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.


Fedlet is a lightweight Service Provider implementation of SAML2 SSO protocols, embeddable in a Java EE web application. Fedlet is a new feature, which will be part of upcoming Sun Federated Access Manager (OpenSSO) release.

Fedlets are extremely light weight, and they can be easily embedded into a Service Provider application, and enable it to accept SAML POST from an Identity Provider, and use that to pull user attributes into the Service Provider application. The user attributes are part of the SAML Response from the IDP, that the IDP sends to the Fedlet, once an user successfully authenticates at the Identity Provider. Fedlets have many interesting usage in Federation scenarios such as -

  • Quick federation enablement of Service Providers, which allows Identity Providers to make them a part of their business circle of trust in no time and to use their feature Offerings.
  • Federation enablement at minimal cost and minimal investment in hardware and services.
  • Support minimal SSO related needs in business scenarios, without the need for a full fledged Federation product/solution deployment.
Read the complete article by Sidharth Mishra. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I