The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Welcome to SAML

This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.

SAML 2.0 with java Sample


can someone give me a short example for making a SOAP request for a SAML 2 token (with username and password) with JAVA. The SAML 2 token should be used in another Request for a different web service (as Header). Couldn't find usefull examples by searching the internet. Also a example for encrypted request is needed. Are they any usefull libs to use?

Tried it with apache axis, but didn't work (encrypted). 




Identity propagation with SAML


In my scenario I have the following entities:

- SAML secured Portal (Domain A)

- User

- SAML secured API( Domain B, so different domain than the portal)

Read more

SP and IDP implementation

I am implementing a Service Provider in java and an IDP in java, which is necessary to implement in order to comply with a basic implementation?

Logout Request if necessary signed?

a logout request, which must be signed? the application service provider for the idp, idp or response to the service provider? is it really necessary to sign the service provider?

How to intercept saml authnrequest

I am using SAML2 authentication engine. I would like to log the SAML Request AND SAML Response. How do I intercept the request and response using idp-metadata.xml or attribute-resolver.xml or handler.xml

Any help would be appreciated Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I