SAML is the foundation for much of the current identity federation activity. SAML 2.0 is preceded by SAML 1.0 and 1.1. SAML 1.1 was released in 2003 and had just two scenarios (also known as profiles), and both were IdP-initiated. Shibboleth 1.3 and Liberty Alliance—WS-FF 1.2 extended SAML 1.1, and SAML 2.0 was released by OASIS in 2005.
The following table shows the SAML core principles:
Assertions | Protocols | Bindings |
Package of identity information |
Request/response based | Associates a message (protocol) with transport (communication mechanism) |
Synonym token | Defines the messaging requirements |
Examples:
|
XML-based | Examples:
|
In the next section, we will talk about the key facts of the SAML 2.0 protocol...