The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Welcome to SAML XML.org.

This is the official community gathering place and information resource for the SAML OASIS Standard. SAML provides an XML-based framework for creating and exchanging security information between online partners. This is a community-driven site, and the public is encouraged to contribute content.

Effort of time require for an application to be a saml based application

Forum topic: Submitted by santosh on Mon, 2009-11-30 05:45.

HI,

 

i am new bee for this SAML.I need how much time will take an application to be convert as a saml based application.

application colud be the JAVA,PHP,.net etc.....,by using these platforms I have to build/create a saml based application and what would be the required effort of time .

 

 

thanxs and Regards,

Santosh

LindaC

Security Assertion Markup Language

Blog entry: Submitted by LindaC on Thu, 2009-11-26 07:55.

"SAML, developed by the Security Services Technical Committee of OASIS, is an XML-based framework for communicating user authentication, entitlement, and attribute information. According to Alarm Monitoring Company its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application. Federation is the dominant movement in identity management today. Federation refers to the establishment of

Read more

sender-vouches example in SAML Token Profile 1.1

Forum topic: Submitted by redtiger on Tue, 2009-11-17 17:16.

Is there a typo in the sender-vouches example of the SAML Token Profile 1.1 (wss-v1.1-spec-os-SAMLTokenProfile.pdf) document?  Section 3.5.2.3 and 3.5.2.4 have XML examples a SAML token using the sender-vouches method.  However, both of these XML examples use "holder-of-key", rather than "sender-vouches", even though they are under the sender-vouches section.

Is this a typo, or is it intentional?

Thank you.

Service Provider Implementation - help

Forum topic: Submitted by jaya on Wed, 2009-11-04 19:05. Last updated on Wed, 2009-11-04 19:13.

Hello Everyone,

I am new to SAML sp implementation. 

My Work assignment is


The End-user logs into the application(IDP)successfully and clicks on a link(Service Providers). When the user clicks on SP link, the IDP would send the SAML assertion in the String format.

As an Service Provider, my application should retrieve the SAML String and process(i.e., validate and verify the signature) it. If the signature and assertions are ok, then the user would be redirected to actual requested page.


Read more

Common domain cookies

Forum topic: Submitted by lavinek on Fri, 2009-10-23 21:00.

I have been tasked with an integration that includes an IdP and an SP on the same domain. Our original idea was to use the SAML POST bindings to establish authentication and for logout requests. My question is, can I incorporate common domain cookies to make my job easier? I'm fairly new to the SAML standard, so I apologize if the answer is obvious.

« first‹ previous161718192021222324next ›last »
XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I

Hosted by:

OASIS