<div>
<div class="content wysiwyg-content">
I have a limited understanding of OAuth, it goes something like:<br />
<br />

<pre><code id="code-10-28500203-1">    - client sends request token during redirect to server
    - Server displays authorization screen to resource owner
    - Resource owner provides uid and pw (not passed to client)
    - Server sends access token back to client
    - clients then users the Access token to gain access to a 
      resource</code></pre>
<br />
I need to understand the basic architecture of SAML. &nbsp;Could someone please provide a brief explanation of the architecture and perhaps a link to an easy to understand doc<br />
<br />
Thanks
</div>
</div>


I have a limited understanding of OAuth, it goes something like:

(CODE)

I need to understand the basic architecture of SAML.  Could someone please provide a brief explanation of the architecture and perhaps a link to an easy to understand doc

Thanks

SAMLdescription

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

A Web service is a method of communication between two electronic devices over a network. It is a software function provided at a network address over the Web with the service always on as in the concept of utility computing. A web service has an interface described in Web Services Description Language (WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP (Simple Object Access Protocol) messages. There are two major classes of Web services: REST-compliant web services, and Arbitrary web services.

Web Services

Java is a platform-independent, object-oriented programming language and run-time environment, designed to have as few implementation dependencies as possible such that developers can write one set of code across all platforms using libraries. Most devices will not run Java natively, and require a run-time component to be installed in order to execute a Java program.