Tuesday, December 8, 2009

Paper to provide an overview of SAML and support in

I hope you found the SAML demo video from Greg useful. My team has put together a paper to provide an overview of the SAML technology introduced in WebSphere

The paper is available for download here. This paper provides:

  1. Introduction to SAML standards (a very rich set of standards and specification)
  2. Comparison of SAML to LTPA and Kerberos technology and what problem SAML is solving
  3. Different trust models based on Bearer, Holder-Of-Key, and Sender-Vouches Confirmation Methods
  4. Self-Issuance of SAML token and external third party STS (Security Token Service) issuance
  5. SAML token propagation in Web Services including different considerations for handling token timeouts
  6. Client side SAML token caching
  7. List of supported features for SAML introduced in WebSphere
  8. Introduction to the default Policy Sets for enabling SAML Token Profile support

Here is the abstract of the paper:

Security Assertion Markup Language (SAML) is an XML based framework developed by the Organization for the Advancement of Structured Information Standards (OASIS), used for the exchange of security information between different parties. This is an open standard that can be used to exchange security information between different products. SAML support in IBM® WebSphere® Application Server Version 7.0 Fix Pack 7 delivers a SAML solution that provides support for the most common scenarios SAML using Web services.

I hope you find the paper useful and please send us any feedback.


  1. Siebel SmartScript accelerates abettor capability with a workflow-based, dynamically generated user interface that helps adviser every alternation with a customer. Siebel SmartScript can be invoked automatically several ways, such as based aloft business rules, through awning pops, by Siebel CTI, or programmatically.

    call center outsourcing

  2. Could you provide link to echo sample zip file, please?