The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.
Diff for Assertions
| Wed, 2007-12-12 23:53 by carolgeyer | Wed, 2007-12-12 23:55 by carolgeyer | ||
|---|---|---|---|
| < previous diff | next diff > | ||
| Changes to Body | |||
| Line 8 | Line 8 | ||
</p>
| </p>
| ||
<p>
| <p>
| ||
| - | <strong>Authentication</strong>: The specified subject was authenticated by a particular means at a particula time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information<br />
| + | <strong>Authentication</strong>: The specified subject was authenticated by a particular means at a particula time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information about them.
|
| - | about them.
| + | |
</p>
| </p>
| ||
<p>
| <p>
| ||
| Line 17 | Line 16 | ||
<strong>Authorization decision</strong>: A request to allow the specified subject to access the specified<br />
| <strong>Authorization decision</strong>: A request to allow the specified subject to access the specified<br />
| ||
resource has been granted or denied.
| resource has been granted or denied.
| ||
| - | </p>
| ||
| - | <p>
| ||
| - | The outer structure of an assertion is generic, providing information that is common to all of the statements within it. Within an assertion, a series of inner elements describe the authentication, attribute, authorization decision, or user-defined statements containing the specifics.
| ||
</p>
| </p>
| ||
<p>
| <p>
| ||
An assertion consists of one or more statements. For single sign-on, a
| An assertion consists of one or more statements. For single sign-on, a
| ||
typical SAML assertion will contain a single authentication statement
| typical SAML assertion will contain a single authentication statement
| ||
| - | and possibly a single attribute statement. Note that a SAML response
| + | and possibly a single attribute statement. Note that a SAML response
|
could contain multiple assertions, although its more typical to have a
| could contain multiple assertions, although its more typical to have a
| ||
| - | single assertion within a response.
| + | single assertion within a response.
|
| + | </p>
| ||
| + | <p>
| ||
| + | The outer structure of an assertion is generic, providing information that is common to all of the statements within it. Within an assertion, a series of inner elements describe the authentication, attribute, authorization decision, or user-defined statements containing the specifics.
| ||
| + | </p>
| ||
| + | <p>
| ||
| + |
| ||
</p>
| </p>
| ||
<p>
| <p>
| ||
Assertions
SAML is defined in terms of assertions, protocols, bindings, and profiles.
An assertion is a package of information that supplies one or
more statements made by a SAML authority. SAML defines three different
kinds of assertion statement that can be created by a SAML authority:
Authentication: The specified subject was authenticated by a particular means at a particula time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information about them.
Attribute: The specified subject is associated with the supplied attributes.
Authorization decision: A request to allow the specified subject to access the specified
resource has been granted or denied.
An assertion consists of one or more statements. For single sign-on, a typical SAML assertion will contain a single authentication statement and possibly a single attribute statement. Note that a SAML response could contain multiple assertions, although its more typical to have a single assertion within a response.
The outer structure of an assertion is generic, providing information that is common to all of the statements within it. Within an assertion, a series of inner elements describe the authentication, attribute, authorization decision, or user-defined statements containing the specifics.
See also:
- SAML Executive Overview
- SAML Technical Overview
Search
SUBSCRIBE
RECENT CONTENT
- SAML Wiki Knowledgebase
10 years ago - SAML 2.0 with java Sample
10 years ago - Govt Computer News: 'The power of one password'
10 years ago
1 reply - OASIS approves SAML 2.0 Errata
10 years ago
1 reply - IBM Pushes Federated Identity Management
10 years ago
1 reply - VMware Unveils Horizon App Manager
10 years ago
1 reply
