Security Assertion Markup Language (SAML) is an open-standard protocol that uses an XML framework to exchange security information between an authority and a trusted partner site. The security information concerns itself with a subject's authentication status, access authorization and attribute information. (A person identified by an email address is a subject as might be a printer.) A SAML authority (in some instances, referred to as the asserting party) is a platform or application that has been integrated with SAML API, allowing it to relay security information. For example, asserting that a subject has been authenticated into its system by passing the required attributes. Trusted partner sites receive the security information and rely on its authenticity.
For more information about the SAML implementation (including definitions of the profile types and assertions), see Chapter 9, SAML Administration, in Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide.
The following SAML attributes can be configured for your implementation:
The following tasks are associated with configuring SAML: