Microsoft has announced that the August preview release of a component of its Windows Azure AppFabric cloud computing platform adds support for federated identity and single sign-on...The ACS update should be good news for developers and service providers working on applications meant to run on Windows Azure and Windows Server as it also enables access control as a service for federating identities...[The] ACS update provides Security Assertion Markup Language (SAML) 1.1 and 2 support, as well as support for the OAuth WRAP, WS-Trust, and WS-Federation protocols...
Welcome to SAML XML.org.
This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.
Directory services may be old news, but they still represent an important part of the IT infrastructure. The question for many organizations is how to take an existing directory that grew up around locally served applications and services such as file and print, and use it with cloud-based services such as Google and Salesforce.com. Too often, the answer is to avoid integration between local identities and the cloud. That choice, convenient as it may be in the short run, is likely to blow up in one's face someday.
Charter Communications, the nation's fourth-largest cable operator, is testing the TV Everywhere waters with last week's trial launch...Content-wise, Graham Williams, Charter's director of product management, said the cable operator is working with TNT and TBS, as well as Style, E!, G4 and The Weather Channel. On the back end, Charter has again teamed up with Synacor for authentication of the TV Everywhere service, which entails each user logging in via their Charter e-mail address and a password.
Exostar today announced BAE Systems as the first customer to use the Enterprise Access Gateway (EAG) in a production environment. EAG is a feature of Exostar’s cloud-based Managed Access Gateway (MAG) external identity federation solution. Companies like BAE Systems increasingly require secure access to information hosted in other organizations’ applications to conduct business effectively. EAG and MAG transparently deliver this capability for end-users by enabling single sign-on across organizations with mutual trust.
I have a use case that does not seem to be fulfilled by Single Logout. Perhaps it is just the particular product that we are using for our federation.
In the use case, a user has logged into multiple service providers. They allow their session to timeout at the Identity Provider (either from not using the services at the IdP or by leaving their browser session idle) and then issue a Single Logout request from one of the service providers.