SAML concepts

SAML is an XML-based OASIS standard for exchanging user identity and security attribute information. In a typical SAML usage scenario, you authenticate to a security domain and request that an identity provider issue SAML assertions.

The SAML assertions are presented to a service provider when you request access to business resources. In many cases, the service provider and identity provider are in different security domains, meaning that you authenticate to the identity provider's user directory, which is not the same as the user directory of the service provider. WebSphere® Application Server multiple security domain support allows a service provider to assert user identity and security attributes to a local security domain, based on a trust relationship, without requiring identity mapping. You can use the SAML function to quickly build a Single Sign-On (SSO) solution across enterprises and across the Internet with industry-standard SAML security tokens.

See the following topics to learn about the product SAML function.




Subtopics
SAML token
SAML assertions defined in the SAML Token Profile standard
Default policy sets and sample bindings for SAML
Overview of application programming interfaces (APIs) for SAML
SAML usage scenarios
Limitations of the SAML implementation

Last updated: Jan 30, 2014 9:17:32 AM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-nd-iseries&topic=cwbs_samlconcepts
File name: cwbs_samlconcepts.html