SAML Protocol Overview

  • 6,484 views
Uploaded on

Because the SAML Protocol is so foundational to the cloud identity software as a service Gluu provides, we wanted to lay out the basics of SAML for those interested. …

Because the SAML Protocol is so foundational to the cloud identity software as a service Gluu provides, we wanted to lay out the basics of SAML for those interested.

The following can be thought of as a basic guide to getting you conversational with the SAML protocol.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
6,484
On Slideshare
0
From Embeds
0
Number of Embeds
7

Actions

Shares
Downloads
202
Comments
0
Likes
5

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. SAML Protocol Overview Security Assertion Markup Language Brought to You By:
  • 2. What is SAML?A series of XML-based messages that detail: ● Whether users are authenticated. ● What rights, roles, and access they have. ● How they can use data and resources based on those rights and roles.
  • 3. What is SAML Used For? ● Single Sign On (SSO) ● Single Logout ● Attribute Sharing ● Account Linking
  • 4. Why SAML?The newest version, SAML 2.0, usesintellectual property and protocols fromsecure frameworks to standardize SSOacross all enterprise cloud applications.
  • 5. Existing Standards used by SAML 2.0:● Extensible Markup Language (XML) ○ XML Schema ○ XML Signature ○ XML Encryption● Hypertext Transfer Protocol (HTTP)● Simple Object Access Protocol (SOAP)
  • 6. How Does SAML Work?3 Main Protocols:● Assertions a. Authentication statements b. Attribute statements c. Authorization decision statements● Protocol - the way SAML asks for and gets assertions, for example, using SOAP over HTTP.● Bindings - how SAML message exchanges are mapped into SOAP exchanges.
  • 7. How Does SAML Work?Assertions are PROTOCOLexchanged amongsites and servicesusing the protocoland binding - and ASSERTIONSthose assertionsauthenticate usersamong sites. BINDINGS
  • 8. How Does SAML Work?
  • 9. Benefits of SAML● User passwords never cross the firewall● Web applications with no passwords are virtually impossible to hack● “SP-initiated” SAML SSO provides access to Web apps for users outside the firewall.● Enterprise-wide, architecturally sound Internet SSO
  • 10. Centralized Federation with SAML Provides:● One single point of web app access● Identity control and auditing● Security, risk aversion, and compliance
  • 11. For more SAML related Information... visit us at http://gluu.org