Following are the key points described later in this article:
For those unfamiliar with SAML, here is the definition from the Wikipedia page on SAML:
Security Assertion Markup Language (SAML, pronounced sam-el) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is a product of the OASIS Security Services Technical Committee. SAML dates from 2001; the most recent major update of SAML was published in 2005, but protocol enhancements have steadily been added through additional, optional standards.
The single most important requirement that SAML addresses is web browser single sign-on (SSO). Single sign-on is common at the intranet level (using cookies, for example) but extending it beyond the intranet has been problematic and has led to the proliferation of non-interoperable proprietary technologies. (Another more recent approach to addressing the browser SSO problem is the OpenID protocol.)
Simply put, SAML is an XML-based data exchange format used for federated authentication, and it can be used to implement single sign-on (SSO).
The following diagram represents SAML-based authentication. In the diagram, the Salesforce app acts as the service provider and the identity provider resides in the organization's own data center. When the organization's users request one or more protected resources from a partner's website such as salesforce.com, the salesforce.com app directs the user's request to the identity provider, which processes the SAML request and sends back the appropriate SAML response, thereby authenticating the user.
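The redirect from service provider to identity provider described above can be shown in code. The following is an added example, not code from the original article: it uses the SAML 2.0 HTTP-Redirect binding, and the URLs, entity ID and the `REGISTERED_SPS` table are constructed values assumed for illustration.

```python
import base64, uuid, zlib
from datetime import datetime, timezone
from urllib.parse import urlencode, urlparse, parse_qs
from xml.etree import ElementTree as ET  # use a hardened XML parser for untrusted input in production

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed values (assumptions, not taken from the article).
IDP_SSO_URL = "https://idp.example.org/sso"
SP_ENTITY_ID = "https://sp.example.com/metadata"
SP_ACS_URL = "https://sp.example.com/acs"
REGISTERED_SPS = {SP_ENTITY_ID: SP_ACS_URL}  # what the IdP knows about its partners

def build_redirect(relay_state):
    """SP side: create an AuthnRequest and the URL the browser is redirected to."""
    request_id = "_" + uuid.uuid4().hex
    issue_instant = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
           f'ID="{request_id}" Version="2.0" IssueInstant="{issue_instant}" '
           f'Destination="{IDP_SSO_URL}" AssertionConsumerServiceURL="{SP_ACS_URL}">'
           f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>')
    # HTTP-Redirect binding: raw DEFLATE (no zlib header), then base64, then URL-encode.
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode(),
                       "RelayState": relay_state})
    return request_id, f"{IDP_SSO_URL}?{query}"

def idp_process(url, max_xml=64 * 1024):
    """IdP side: decode the request and check it against the registered SP data."""
    params = parse_qs(urlparse(url).query)
    raw = base64.b64decode(params["SAMLRequest"][0], validate=True)
    inflater = zlib.decompressobj(wbits=-15)
    xml = inflater.decompress(raw, max_xml)  # cap the inflated size
    if inflater.unconsumed_tail:
        raise ValueError("AuthnRequest too large")
    root = ET.fromstring(xml)
    issuer = root.findtext(f"{{{SAML}}}Issuer")
    acs = root.get("AssertionConsumerServiceURL")
    if REGISTERED_SPS.get(issuer) != acs:
        raise ValueError("unknown issuer or unregistered ACS URL")
    # The SAML response must carry this ID as InResponseTo so the SP can match it.
    return {"in_response_to": root.get("ID"), "issuer": issuer, "acs": acs,
            "relay_state": params.get("RelayState", [""])[0]}
```

The service provider keeps the returned request ID in the user's session and accepts only a response whose `InResponseTo` equals it.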
Following are two key components (actors) of SSO-based authentication:
Following are two approaches to SAML-based federated authentication implementation:
The following diagram represents both the identity provider and the service provider, and the related flows depending on which of them (service provider or identity provider) initiates the SAML authentication.
The following is how the flow works for federated authentication using the SAML data-exchange format/standard when users' requests are initiated by the service provider:
Following are key points:
Hi Ajitesh,
I am currently working in an MNC on a Java application which needs to be configured for SSO service. I learnt that I need to implement SAML in my Java application. I walked through a lot of Google information on SAML; however, I am unable to implement it completely. At present I am working on the instructions provided at the link below.
http://docs.spring.io/spring-security-saml/docs/1.0.0.RELEASE/reference/html/chapter-quick-start.html
Do you have a sample Java application which implements SSO? If yes, then could you please provide me a step-by-step implementation of the same in Eclipse (using Java 6 & Tomcat 7).
Thanks,
Kishor Singh