SAML: "Beyond the Intranet" SSO Solution

by Frank Teti

Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS Security Services Technical Committee. The single most important problem that SAML was created to solve is Web browser single sign-on (SSO). However, SAML 1.1 has limitations for that purpose. In fact, the problem that SAML 1.1 solves more efficiently is the authentication and authorization of SOAP Web services, with SAML used as a WS-Security token. Even so, useful technologies, seeking to be relevant, find unintended ways of fitting into the vast technology landscape. For example, Kerberos was an integral part of the ill-fated Distributed Computing Environment (DCE), and while DCE has been dead for a long time, Kerberos has been a core Microsoft security component.

6 November 2009
