Solved

Where does SAML reside

Posted on 2014-07-31
2
445 Views
Last Modified: 2014-08-01
SAML is a security Markup language

Is it resident on a server?

Is it ever pass in association with a message ?

Thanks
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:Anthony Lucia
ID: 40232961
Or does it pass uid and passwords,  etc from a client to a server
0
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40234038
SAML is a exchange of language understood for purpose of checking identity based on some attribute and claims. It is not really a file per se storing in some DB.

When a user attempt to request for a service from the service provider, the provider will stop user and ask proof your identity using some claims e.g. email address, userid etc. The user will then need some authority to ascertain that identity claims. These exchanges are based on SAML protocol .. I may be simplifying the use case and probably the below will help with some illustration of the exchanges - eventually it is the 'lingo' that is needed to talk a common language (or they say messages) to get what is requested.

https://blog.surfnet.nl/?p=1417 

The wiki (http://en.wikipedia.org/wiki/SAML_2.0) has diagram and even more details. In practical terms, SAML consists of a set of specifications and XML schemas, which together define how to construct, exchange, consume, interpret, and extend security assertions for a variety of purposes. SAML does not require user information to be maintained and synchronized between directories. The existing store for identity is still retain just that now there is need for the role of broker to handle such messages in this parlance standard.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question