SAML and B2B (grid computing?)

From the following site

https://blog.surfnet.nl/?p=1417

My understanding so far of SAML is the following:

SP                         Browser of                      IdP
                           Principal
-------------              -----------                     ---------
                             START

    <--- Contact SP ------------

    --- Redirect to Browser -->    
        to SSO URL
                                --- Redirect to IdP for --> Authenticate
                                    SSO URL
                 
                                <-- SAML response ---------

    <-- Browser sends ---------
        response to ACS url
ACS 
verifies
    --- Success response -----> DONE



My question: The above describes how SAML works within a browser-based
system. But what about a B2B or queuing system, in other
words a system that is not browser oriented? (I assume the correct word for
this is grid computing?)

How does SAML work under those conditions? Any links on how
that works?

What would be the difference in this case?
Asked:
Anthony Lucia
1 Solution
 
mccarl (IT Business Systems Analyst / Software Developer) Commented:
"But what about a B2B or queuing system, in other words a system that is not browser oriented"
You've asked quite a number of questions recently that I guess are all along similar lines, but none of them have a lot of information in them for us to go on. I fear that you are wasting energy looking into these acronyms that you have heard of (SAML, OAuth, IdP, SP, etc, etc) when it really might not be what you are after at all.

Can you give a bit more detail on exactly WHAT you are trying to achieve? Without getting stuck too much on HOW you THINK you need to do it. I am talking about really high-level descriptions about what systems that you have and how they need to interact, etc
 
Anthony Lucia (Author) Commented:
In a B2B scenario, I want one business to send a message to another, in a non-browser based (batch mode) scenario.

An example might be a monthly accounting program that compares
Corporate account balances against their existing records in 'batch mode'

ABC corp                  XYZ Bank
---------                 --------

Batch Pgm -- get Bal -->  Bank Web Service



The Bank web service would look something like

XYZ Bank
======================================================

                  SAML IdP  -- validate user --> LDAP
                            <----- yes ---------
                    ^
                    |
                    |
Get Bal  --> Check SAML IdP  -->  Get Bal from DB
(Batch         
Mode)    <----------------------

(No browser involved)



Is this a valid business scenario for SAML?

Can someone please post any documentation (that does not
involve browser redirects) on how to accomplish this?

Thanks
 
Anthony Lucia (Author) Commented:
I am sorry, a better representation of the Bank web service would be

XYZ Bank
======================================================

                  SAML IdP  -- validate user --> LDAP
                            <----- yes ---------
                    ^
                    |
                    |
HTTP Req. --> Check SAML IdP  -->  Get Bal from DB

HTTP 
Response  <----------------------




(No browser involved)
 
mccarl (IT Business Systems Analyst / Software Developer) Commented:
From the above, I have one main question... Will there be multiple "ABC Corps" ? ie. an ABC corp, and a DEF corp, and a GHI corp, etc, etc? If so, can you give an idea of how many, 5, 50, 5000, different entities contacting the web service?
 
Anthony Lucia (Author) Commented:
Yes, there will be numerous clients connecting to the web service, I would say about 100.

I used the example for explanatory purposes, but for what I am trying to accomplish it's more like ABC dept connecting to a corporate department

ABC Dept                  Corporate Accounting
---------                 --------

Batch Pgm -- get Bal -->  Acct Web Service



Corporate Accounting Web Service
======================================================

                  SAML IdP  -- validate user --> LDAP
                            <----- yes ---------
                    ^
                    |
                    |
HTTP Req. --> Check SAML IdP  -->  Get Bal from DB

HTTP 
Response  <----------------------

