The SAML XML.org web site is no longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Diff for SAML, JAAS, & Role-Based Access Control

Mon, 2008-06-09 13:54 by paulmadsen
Tue, 2008-06-10 13:59 by carolgeyer
Changes to Body
 
<p>
 
<p>
-
<em>Web service clients can be implemented as JavaServer Pages, servlets,
+
Web service clients can be implemented as JavaServer Pages, servlets,
 
or Java applications, or as executables written in C++, Perl, Visual
 
or Java applications, or as executables written in C++, Perl, Visual
 
Basic, JavaScript. A truly ubiquitous protocol. In this article, I use
 
Basic, JavaScript. A truly ubiquitous protocol. In this article, I use
 
Role-based Access Control (RBAC). Basically, role-based authorization
 
Role-based Access Control (RBAC). Basically, role-based authorization
 
is achieved by using:
 
is achieved by using:
-
</em>
  
 
</p>
 
</p>
 
<ul>
 
<ul>
-
<li><em>A <a href="http://xml.coverpages.org/saml.html">SAML</a> (Security Assertion Markup Language) token provisioned as a Group Principal used within the Web service client.
+
<li>A <a href="http://xml.coverpages.org/saml.html">SAML</a> (Security Assertion Markup Language) token provisioned as a Group Principal used within the Web service client.
-
</em></li>
+
</li>
-
<li><em>The <a href="http://java.sun.com/javase/technologies/security/">JAAS</a> (Java Authentication and Authorization Service) Framework to contain the Group Principal information in the JAAS Subject.
+
<li>The <a href="http://java.sun.com/javase/technologies/security/">JAAS</a> (Java Authentication and Authorization Service) Framework to contain the Group Principal information in the JAAS Subject.
-
</em></li>
+
</li>
-
<li><em>A Custom API that is specified in a similar fashion to
+
<li>A Custom API that is specified in a similar fashion to
 
standard privileges management systems that provide authorization
 
standard privileges management systems that provide authorization
-
behavior.</em>
+
behavior.
 
</li>
 
</li>
 
</ul>
 
</ul>
-
Read the complete article by Frank TetiĀ  at <a href="http://www.ddj.com/web-development/208402532">Dr Dobbs Portal.</a>
+
<em>
  +
Read the complete article by Frank Teti at <a href="http://www.ddj.com/web-development/208402532">Dr Dobbs Portal.</a></em>
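Review bot: the removed attribution line reads `Frank TetiĀ  at`, where the `Ā ` is a stray mis-encoded character (most likely a non-breaking space) left behind by the editor; the replacement line correctly substitutes a plain space. Beyond that, the change only moves the `<em>` emphasis off the quoted article excerpt and onto the attribution line, so the paragraph and the three list items are otherwise unchanged and no further correction is needed.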
 
 
Current revision:

SAML, JAAS, & Role-Based Access Control

Web service clients can be implemented as JavaServer Pages, servlets, or Java applications, or as executables written in C++, Perl, Visual Basic, or JavaScript. A truly ubiquitous protocol. In this article, I use a Java application as a Web service client and show how to secure that client from an authentication and authorization standpoint via Role-based Access Control (RBAC). Basically, role-based authorization is achieved by using:

  • A SAML (Security Assertion Markup Language) token provisioned as a Group Principal used within the Web service client.
  • The JAAS (Java Authentication and Authorization Service) Framework to contain the Group Principal information in the JAAS Subject.
  • A Custom API that is specified in a similar fashion to standard privileges management systems that provide authorization behavior.
Read the complete article by Frank Teti at Dr Dobbs Portal.
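As an added worked example, not code from the Dr Dobbs article or from this page, the three pieces listed above in one runnable Java program: a JAAS LoginModule that reads the group attribute of a SAML 2.0 assertion and provisions one Group Principal per value into the JAAS Subject, and a small custom authorization API that grants a privilege only to members of a required group. The class names, the attribute name "groups", the callback type and the sample assertion are assumptions made for this example; the assertion is constructed and unsigned, so the module carries only a comment where signature and Conditions validation would go in a real deployment.

```java
import java.io.StringReader;
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class SamlJaasRbacDemo {
    static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Constructed sample input: an unsigned SAML 2.0 assertion carrying a "groups" attribute.
    static final String SAMPLE_ASSERTION =
        "<saml:Assertion xmlns:saml=\"" + SAML_NS + "\" ID=\"_demo1\" Version=\"2.0\">"
      + "<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>"
      + "<saml:AttributeStatement><saml:Attribute Name=\"groups\">"
      + "<saml:AttributeValue>operators</saml:AttributeValue>"
      + "<saml:AttributeValue>auditors</saml:AttributeValue>"
      + "</saml:Attribute></saml:AttributeStatement></saml:Assertion>";
    /** Group Principal held in the JAAS Subject (a hypothetical type defined for this example). */
    public static final class GroupPrincipal implements Principal {
        private final String name;
        public GroupPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
        @Override public String toString() { return "Group(" + name + ")"; }
        @Override public int hashCode() { return name.hashCode(); }
        @Override public boolean equals(Object o) { return o instanceof GroupPrincipal && name.equals(((GroupPrincipal) o).name); }
    }
    /** Custom Callback through which the client hands the assertion XML to the LoginModule. */
    public static final class SamlAssertionCallback implements Callback { String assertionXml; }
    /** LoginModule: reads the "groups" attribute and provisions one GroupPrincipal per value. */
    public static final class SamlGroupLoginModule implements LoginModule {
        private Subject subject; private CallbackHandler handler;
        private final Set<Principal> pending = new LinkedHashSet<>();
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { subject = s; handler = h; }
        public boolean login() throws LoginException {
            SamlAssertionCallback cb = new SamlAssertionCallback();
            try {
                handler.handle(new Callback[] { cb });
                // A real module verifies the XML signature and Conditions before trusting any attribute.
                pending.addAll(parseGroups(cb.assertionXml));
            } catch (Exception e) { throw new LoginException("cannot read assertion: " + e.getMessage()); }
            if (pending.isEmpty()) throw new FailedLoginException("assertion carries no groups");
            return true;
        }
        public boolean commit() { subject.getPrincipals().addAll(pending); return true; }
        public boolean abort() { pending.clear(); return true; }
        public boolean logout() { subject.getPrincipals().removeIf(p -> p instanceof GroupPrincipal); return true; }
    }
    /** Namespace-aware DOM parse with DTDs disabled, so a hostile assertion cannot trigger XXE. */
    static List<GroupPrincipal> parseGroups(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        List<GroupPrincipal> groups = new ArrayList<>();
        NodeList attrs = doc.getElementsByTagNameNS(SAML_NS, "Attribute");
        for (int i = 0; i < attrs.getLength(); i++) {
            Element a = (Element) attrs.item(i);
            if (!"groups".equals(a.getAttribute("Name"))) continue;
            NodeList vals = a.getElementsByTagNameNS(SAML_NS, "AttributeValue");
            for (int j = 0; j < vals.getLength(); j++) groups.add(new GroupPrincipal(vals.item(j).getTextContent().trim()));
        }
        return groups;
    }
    /** Custom authorization API: a privilege is granted only to members of the required group. */
    public static final class RoleAuthorizer {
        public static boolean isMemberOf(Subject s, String g) { return s.getPrincipals(GroupPrincipal.class).contains(new GroupPrincipal(g)); }
        public static void checkPermission(Subject s, String g) { if (!isMemberOf(s, g)) throw new SecurityException("requires group " + g); }
    }
    public static void main(String[] args) throws Exception {
        // Register the module in code instead of a jaas.conf file.
        Configuration.setConfiguration(new Configuration() {
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(SamlGroupLoginModule.class.getName(),
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Collections.emptyMap()) };
            }
        });
        CallbackHandler handler = callbacks -> {
            for (Callback c : callbacks) {
                if (c instanceof SamlAssertionCallback) ((SamlAssertionCallback) c).assertionXml = SAMPLE_ASSERTION;
                else throw new UnsupportedCallbackException(c);
            }
        };
        Subject subject = new Subject();
        LoginContext lc = new LoginContext("saml-client", subject, handler);
        lc.login();                                  // runs SamlGroupLoginModule.login() then commit()
        System.out.println("Principals: " + subject.getPrincipals());
        RoleAuthorizer.checkPermission(subject, "operators");
        System.out.println("operators: allowed");
        try { RoleAuthorizer.checkPermission(subject, "admins"); }
        catch (SecurityException e) { System.out.println("admins: denied, " + e.getMessage()); }
    }
}
```

Compile and run with `javac SamlJaasRbacDemo.java && java SamlJaasRbacDemo`. JAAS code of that era commonly used java.security.acl.Group for the group Principal; that package has since been removed from the JDK, so the example defines its own Principal type. The parse step disables DTDs because the assertion is attacker-influenced input. In production the assertion's XML signature (javax.xml.crypto.dsig) and its Conditions (NotBefore/NotOnOrAfter, AudienceRestriction) must be validated before any attribute value becomes a Principal; otherwise anyone who can hand the client an assertion can mint their own group membership and the custom authorization API will faithfully honour it.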