SAML is the OASIS working group's network security architecture. It appears to cover authentication, authorization, and some flavor of directory service (e.g. user attribute publication). I don't know much about it yet, but i'm looking to learn more. This page is just random notes at the moment, and is not well-organized.

The reference implementation of SAML v1.1 is shibboleth (available freely in debian, naturally).

Here's a discussion from a couple years back about the changes in SAML 2.0. zxid appears to be a free SAML 2.0 implementation, though i'm not sure how robust it is.

Among other services which allow the use of SAML, Google Apps allows it for authentication.

It seems similar to OpenID, but a bit more heavyweight.


Last modified 11 years ago Last modified on Dec 16, 2007, 1:28:29 PM