<div>
<div class="content wysiwyg-content">
While I am starting to understand, one more thing I do not quite get<br />
<br />
The normative case is for the client to send a token request to the SAML authority, and get a SAML token in return. &nbsp;The Client then sends the message lus the token to the web service in question (probably SOAP). &nbsp;<br />
<br />
My question is, how does the web service validate that the token is validate? &nbsp;Does he hit the SAML authority? &nbsp;How does that work?<br />
<br />
Thanks
</div>
</div>


While I am starting to understand, one more thing I do not quite get

The normative case is for the client to send a token request to the SAML authority, and get a SAML token in return.  The Client then sends the message lus the token to the web service in question (probably SOAP).  

My question is, how does the web service validate that the token is validate?  Does he hit the SAML authority?  How does that work?

Thanks

SAML and web service token validation

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

A Web service is a method of communication between two electronic devices over a network. It is a software function provided at a network address over the Web with the service always on as in the concept of utility computing. A web service has an interface described in Web Services Description Language (WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP (Simple Object Access Protocol) messages. There are two major classes of Web services: REST-compliant web services, and Arbitrary web services.

Web Services

The .NET Framework is not specific to any one programming language; rather, it includes a library of functions that allows developers to rapidly build applications. Several supported languages include C#, VB.NET, C++ or ASP.NET.

.NET Programming

Simple Object Access Protocol (SOAP) is a protocol specification for exchanging structured information in the implementation of web services. It uses the XML Information Set for its message format and uses other protocols, notably Hypertext Transfer Protocol (HTTP) and the Simple Mail Transfer Protocol (SMTP) for message transmission.