?
Solved

Where does SAML reside

Posted on 2014-07-31
2
Medium Priority
?
452 Views
Last Modified: 2014-08-01
SAML is a security Markup language

Is it resident on a server?

Is it ever pass in association with a message ?

Thanks
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Author Comment

by:Anthony Lucia
ID: 40232961
Or does it pass uid and passwords,  etc from a client to a server
0
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 40234038
SAML is a exchange of language understood for purpose of checking identity based on some attribute and claims. It is not really a file per se storing in some DB.

When a user attempt to request for a service from the service provider, the provider will stop user and ask proof your identity using some claims e.g. email address, userid etc. The user will then need some authority to ascertain that identity claims. These exchanges are based on SAML protocol .. I may be simplifying the use case and probably the below will help with some illustration of the exchanges - eventually it is the 'lingo' that is needed to talk a common language (or they say messages) to get what is requested.

https://blog.surfnet.nl/?p=1417 

The wiki (http://en.wikipedia.org/wiki/SAML_2.0) has diagram and even more details. In practical terms, SAML consists of a set of specifications and XML schemas, which together define how to construct, exchange, consume, interpret, and extend security assertions for a variety of purposes. SAML does not require user information to be maintained and synchronized between directories. The existing store for identity is still retain just that now there is need for the role of broker to handle such messages in this parlance standard.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question