The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Welcome to SAML XML.org.

This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.

Public review begins for Subject Profiles for SAML 1.1 Assertions

The OASIS Security Services (SAML) TC has approved Subject-Based Profiles for SAML 1.1 Assertions as a Committee Draft and submitted it for public review. The profile places constraints on SAML 1.1 subjects and assertions so that they have properties similar to SAML 2.0 subjects and assertions. This public review ends 12 Aug.

Read more

Pushing String blog: http://www.xmlgrrl.com/blog

Call for Profiling Intentions

The SSTC is issuing a "call for profiling intentions" in order to organize its work for the next several months. If you are planning to submit a SAML profile, binding, or extension to the SSTC for its consideration sometime soon(ish), please drop me a note with a proposed title, short abstract/rationale, and the timeframe in which you plan to bring the draft to the SSTC.

Similarly, if you are working on a SAML profile or extension in your own venue and want to seek the SSTC's guidance, let us know that as well.

Read more

OASIS officially launches SAML XML.org

The OASIS international standards consortium today introduced a new XML.org online community web site dedicated to supporting the Security Assertion Markup Language (SAML). The site (http://saml.xml.org) will serve as the official information resource for the SAML OASIS Standard, which provides an XML-based framework for online partners to exchange user authentication, entitlement, and attribute information.

Read more

Which usecase scenario to use

Hi,

I had the following situation and i am confused after reading several articles what usecase senario to use.

We had a link to other partner website from our web application. the user was already authenticated here on our side and try to acces our partner website. they had there own logins on the partner site so for the first ever time the user shud see the login screen on partner site and then onwards shud login seamlessly.

shud it be IDP initiated or SP initaiated SSO. it wud be appreciated it you give steps that i need to do from my side.

Read more

Secure Web Services 2008

Location: 
Fairfax, Virginia, Usa
Date: 
31 Oct 2008 - 09:00 - 17:00
Event Type: 
Conference
XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I