The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Welcome to SAML XML.org.

This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.

Windows Azure Gains Single Sign-On Support

Microsoft has announced that the August preview release of a component of its Windows Azure AppFabric cloud computing platform adds support for federated identity and single sign-on...The ACS update should be good news for developers and service providers working on applications meant to run on Windows Azure and Windows Server as it also enables access control as a service for federating identities...[The] ACS update provides Security Assertion Markup Language (SAML) 1.1 and 2 support, as well as support for the OAuth WRAP, WS-Trust, and WS-Federation protocols...

Read more

Symplified Offers Single Sign-On for the Cloud

Directory services may be old news, but they still represent an important part of the IT infrastructure. The question for many organizations is how to take an existing directory that grew up around locally served applications and services such as file and print, and use it with cloud-based services such as Google and Salesforce.com. Too often, the answer is to avoid integration between local identities and the cloud. That choice, convenient as it may be in the short run, is likely to blow up in one's face someday.

Read more

Charter sends up trial balloon on TV Everywhere

Charter Communications, the nation's fourth-largest cable operator, is testing the TV Everywhere waters with last week's trial launch...Content-wise, Graham Williams, Charter's director of product management, said the cable operator is working with TNT and TBS, as well as Style, E!, G4 and The Weather Channel. On the back end, Charter has again teamed up with Synacor for authentication of the TV Everywhere service, which entails each user logging in via their Charter e-mail address and a password.

Read more

Exostar Deploys Its Enterprise Access Gateway Solution for BAE Systems

Exostar today announced BAE Systems as the first customer to use the Enterprise Access Gateway (EAG) in a production environment. EAG is a feature of Exostar’s cloud-based Managed Access Gateway (MAG) external identity federation solution. Companies like BAE Systems increasingly require secure access to information hosted in other organizations’ applications to conduct business effectively. EAG and MAG transparently deliver this capability for end-users by enabling single sign-on across organizations with mutual trust.

Read more

Single Logout After Idle Timeout at Identity Provider

I have a use case that does not seem to be fulfilled by Single Logout.  Perhaps it is just the particular product that we are using for our federation.

In the use case, a user has logged into multiple service providers.  They allow their session to timeout at the Identity Provider (either from not using the services at the IdP or by leaving their browser session idle) and then issue a Single Logout request from one of the service providers. 

Read more

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I