SAP Security SAML: Security Assertion Markup Language
SAP NetWeaver Web Application Server (WebAS)
In a typical IT infrastructure, a user's security information is distributed across multiple servers (database, LDAP, proprietary user stores), and the resources (JSP, BSP, servlets) that the user accesses are also hosted on multiple servers (sometimes in multiple DNS domains). With internet browsers as the standard client for many applications, user navigation needs to be seamless with respect to security. Users need to be authenticated and authorized by each application as they access it.
OASIS SAML enables XML-based exchange of security information related to a user between servers over HTTP. The information for authentication and authorization can be exchanged using SAML in the back end without users noticing the exchange. SAML acknowledges that each platform has its own mechanism for authentication and authorization. Consequently, user security information is exchanged in a standard XML-based structure. The basic entity of security information is known as an 'assertion'. An assertion is a statement made by a trusted authority. (...)
Introduction to the OASIS Security Assertion Markup Language (SAML).