SAML is the Security Assertion Markup Language. It is an XML-based standard for exchanging authentication and authorization data between different security domains. The SAML standard defines the identity Provider and service provider, which constitute different security domains described above.
SAML is a product of the OASIS Security Services Technical Committee.
1. What is SAML?
SAML (Security Assertion Markup Language) is an XML framework, which is a set of protocols that can be used to transmit security statements. For example, two remote machines need to communicate with each other. To ensure security, encryption and other measures can be adopted, or SAML can be used for transmission. The transmitted data is in XML format and complies with SAML specifications, in this way, we can not require the two machines to adopt what kind of system, but only need to understand SAML specifications, obviously better than the traditional method. SAML standards are a set of Schema definitions.
In this case, in the Web service field, schema is the specification, and in the Java field, API is the specification. (My summary)
2. What is the role of SAML?
SAML mainly includes three aspects:
1. Authentication statement. Indicates whether the user has been authenticated. It is usually used for single-point logon.
2. Attribute declaration. Indicates the attribute of a subject.
3. Authorization statement. Indicates the permission of a resource.
3. What is the SAML framework?
SAML means that the customer sends a SAML request to the server and then the server returns the SAML response. Data is transmitted in XML format that complies with SAML specifications.
SAML can be transmitted on soap or other protocols.
Because the SAML specification consists of several parts: SAML assertion, SAML prototol, SAML binding, and so on.
4. Is SAML safe, because the transmission is in XML plaintext?
Of course, SAML is proposed to solve security problems. SAML is based on the XML Signature specification. Therefore, although the entire XML file is transmitted in plain text, it cannot be modified. Obviously, XML can also be encrypted before transmission.
From http://wiki.ccw.com.cn/SAML"
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
