- Introduction to SAML standards (a very rich set of standards and specification)
- Comparison of SAML to LTPA and Kerberos technology and what problem SAML is solving
- Different trust models based on Bearer, Holder-Of-Key, and Sender-Vouches Confirmation Methods
- Self-Issuance of SAML token and external third party STS (Security Token Service) issuance
- SAML token propagation in Web Services including different considerations for handling token timeouts
- Client side SAML token caching
- List of supported features for SAML introduced in WebSphere 126.96.36.199
- Introduction to the default Policy Sets for enabling SAML Token Profile support
Security Assertion Markup Language (SAML) is an XML based framework developed by the Organization for the Advancement of Structured Information Standards (OASIS), used for the exchange of security information between different parties. This is an open standard that can be used to exchange security information between different products. SAML support in IBM® WebSphere® Application Server Version 7.0 Fix Pack 7 delivers a SAML solution that provides support for the most common scenarios SAML using Web services.
I hope you find the paper useful and please send us any feedback.