SAML Terminology:  Service Provider Component

Posted on 2014-08-29
Last Modified: 2014-08-30
Does the Service Provider Component perform the following function

Once the client gets a token from the IdP, and sends the token to the web service, does the web service then contact the Service provider component to validate that the token is valid (the signature is correct and the date is within range)  ?

Question by:Anthony Lucia
    LVL 14

    Accepted Solution

    The Service Provider is generally the destination, while the Identity Provider is generally the source. The security token passes information back and forth between the two based upon the partner relationship. SAML utilizes Kerberos tokens, so the security constraints of the token are no different than authentication steps within an Active Directory environment - authentication of the token takes the source, time and date and type of request into consideration before granting access.

    The complexity of the actual token process is dependent on the partner relationship and apps in use.

    Author Comment

    by:Anthony Lucia
    Yes, I do understand most of that, but what about the Service Provider "Component" module that you download from Shibbolieth.  Does that perform token validation for the actual SP ?

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…
    Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now