// // Escribe un comentario

SAP Security SAML

SAP Security SAML: Security Assertion Markup Language

Applies to:
SAP NetWeaver Web Application Server (WebAS)

In a typical IT infrastructure, user's security information is distributed across multiple servers (database, LDAP, proprietary user stores) and the resources (JSP, BSP, servlets) which a user accesses also are hosted on multiple servers (sometimes in multiple DNS domains). With internet browsers as the standard client for many applications, user navigation needs to be seamless with respect to security. Users need to be authenticated and authorized by applications as users access those applications.

OASIS SAML enables XML-based exchange of security information related to a user between servers over HTTP. The information for authentication and authorization can be exchanged using SAML in the back end without users noticing the exchange. SAML acknowledges that each platform has its own mechanism for authentication and authorization. Consequently, user security information is exchanged in a standard XMLbased structure. The basic entity of security information is known as 'assertion'. An assertion is a statement made by a trusted authority. (...)

Introduction to the OASIS Security Assertion Markup Language (SAML).


Publicar un comentario

Nota Importante: los comentarios son para agradecer, comentar o sugerir cambios (o hacer preguntas) sobre el artículo de arriba.

Para otras preguntas, por favor envíe su consulta aquí, es gratis!. Su consulta no molesta, le responderemos a la brevedad