You can now download free toolkits and reference implementations for service providers which will integrate with Identity Providers supporting the open SAML 2.0 standard. The toolkits and associated reference implementations implements the Danish eGov OIOSAML 2.0 profile and can be downloaded from the open source repository. The purpose of these toolkits is twofold.
Welcome to SAML XML.org.
This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.
Free Open SAML 2.0 Toolkits for eGov Federations
News: Submitted by carolgeyer on Tue, 2008-09-09 13:48.
"Security Challenges for the Information Society"
Event: Submitted by deeschur on Thu, 2008-08-21 14:20.
Location:
London, UKDate:
30 Sep 2008 - 08:00 - 3 Oct 2008 - 06:00Event Type:
Conference(1) direct communication and (2) forwarding the assertion
Forum topic: Submitted by dimoxinil on Tue, 2008-08-19 13:29.
Hi,
I'm new to SAML and I have two - hopefully not too silly - questions:
(Question 1)
I understood from the profiles in the standard that when requesting an assertion the relying party (server) never contacts the SAML authority (identity provider) directly but only via the user (client), e.g. by redirect.
My question: Is it also possible that the server contacts the SAML authority directly to request an assertion?
- If not, why not?
- If yes, where can I find this variation in the standard?
SAML 1.0 mailing list archives
Wiki page: Submitted by bcampbell on Mon, 2008-08-18 22:25.
Mail archives are available for the following SSTC mailing lists that are no longer in use.
- security-use
- security-core
- security-protocol
- security-bindings
- security- consider
- security-conform
SAML 2.0 and WS-Security
Forum topic: Submitted by lweir on Wed, 2008-08-13 13:32.
I am intending to use the SAML v2 specification by OASIS to generate SAML Assertions and include the same within the SOAP Header of all messages along with a WS Digital Signature. The intention is to address the 3 of the 4 A's of security to our services landscape.
My concern is that -as for now- OSASIS WS-Security v1.1 provides a SAML Token Profile (http://www.oasis-open.org/specs/#wssprofilesv1.0) but it seems this profile is for SAML v1.1! Therefore, my solution might have a gap!
Is possible / supported to use WS-Security v1.1 along with SAML v2.0??
Search
SUBSCRIBE
RECENT CONTENT
- How to intercept saml authnrequest
3 days ago - How to create SAML2XMLObject
3 days ago - LogoutRequest
1 week ago - Clickability Launches Enterprise-Class, SaaS-based Web Business Platform
2 weeks ago
2 replies - SAML 2.0 and Microsoft .NET
3 weeks ago
8 replies - InWebo
6 weeks ago
Navigation
Currently online: 4 guests and 0 users:
