SAML 2.0 stands for Security Assertion Markup Language (version 2.0). It is an XML standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider. SAML is a product of the OASIS Security Services Technical Committee.

The most important problems that SAML is trying to solve are the single sign-on (SSO) and the identity federation problems.

SAML assumes the principal (often a user) has enrolled with at least one identity provider. This identity provider is expected to provide local authentication services to the principal. However, SAML does not specify the implementation of these local services; indeed, SAML does not care how local authentication services are implemented (although individual service providers most certainly will).

The two main projects that use SAML 2.0 are Liberty Alliance and Shibboleth. The definition of the version 2.0 of SAML integrates features that come from both projects, so that solutions developped in these projects are expected to be interoperable.

Category Identity And Authorization Management

(This article is based upon a version available under GFDL at Wikipedia:SAML)

  Page Info My Prefs Log in
This page (revision-4) last changed on 18:24 25-Mar-2017 by Alexandre Nouvel.
JSPWiki v2.4.102