The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Diff for Assertions

Wed, 2007-12-12 22:31 by carolgeyerWed, 2007-12-12 22:46 by carolgeyer
Changes to Body
Line 1Line 1
 
<p>
 
<p>
-
SAML is defined in terms of assertions, <a href="/protocols">protocols</a>, <a href="/bindings">bindings</a>, and <a href="/profiles">profiles</a>.
+
SAML is defined in terms of assertions, <a rel="nofollow" href="/protocols">protocols</a>, <a rel="nofollow" href="/bindings">bindings</a>, and <a rel="nofollow" href="/components-profiles">profiles</a>.
 
</p>
 
</p>
 
<p>
 
<p>
Line 9Line 9
 
<ul>
 
<ul>
 
<li>
 
<li>
-
<em>Authentication</em>: The specified subject was authenticated by a particular means at a particula  time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information<br />
+
<em>Authentication</em>: The specified subject was authenticated by a particular means at a particula time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information<br />
 
about them.</li>
 
about them.</li>
 
<li><em>Attribute</em>: The specified subject is associated with the supplied attributes.</li>
 
<li><em>Attribute</em>: The specified subject is associated with the supplied attributes.</li>
Revision of Wed, 2007-12-12 22:46:

Assertions

SAML is defined in terms of assertions, protocols, bindings, and profiles.

An assertion is a package of information that supplies one or more statements made by a SAML authority. SAML defines three different kinds of assertion statement that can be created by a SAML authority:

  • Authentication: The specified subject was authenticated by a particular means at a particula time. This kind of statement is typically generated by a SAML authority called an identity provider, which is in charge of authenticating users and keeping track of other information
    about them.
  • Attribute: The specified subject is associated with the supplied attributes.
  • Authorization decision: A request to allow the specified subject to access the specified
    resource has been granted or denied.

The outer structure of an assertion is generic, providing information that is common to all of the statements within it. Within an assertion, a series of inner elements describe the authentication, attribute, authorization decision, or user-defined statements containing the specifics.

See also:

 


XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I