The Security Assertion Markup Language (SAML) 1.0 specification defines
a common XML framework for exchanging security assertions among
security authorities. Its primary goal is interoperability across
vendor platforms that provide authentication and authorization
services. The SAML initiative is managed by the Security Services
Technical Committee (SSTC) of the Organization for the Advancement of
Structured Information Standards (OASIS), a nonprofit standards
organization. Sun Microsystems holds a cochair seat on the SSTC as well
as several other technical positions.
Sun is committed to supporting open standards, including popular
standards developed or co-developed by Sun such as Java™ technology and
XML. The Sun™ Open Net Environment (Sun ONE) platform provides a
comprehensive suite of software for developing, deploying, registering
and accessing Web Services. Sun™ ONE Identity Server (formerly iPlanet™
Identity Server: Access Management Edition) 6.0 software with SAML
support exemplifies Sun's commitment to open standards as well as the
Sun ONE vision of integrated and integratable software solutions.
The SAML specification encompasses several categories: Assertions,
Protocols, Bindings and Profiles. SAML includes three types of
assertions: authentication assertions (the subject has proven his/her
identity by a stated method at a stated time), attribute assertions
(information about the subject, such as a role) and authorization
decision assertions (whether the subject is permitted to perform a given
action on a given resource, for example whether the user is authorized
to buy an item). Protocols are the request and response messages
exchanged between the entities, such as a request for an assertion and
the response that carries it. Bindings define how those messages are
carried over a transport; SAML 1.0 specifies a SOAP over HTTP binding.
Profiles describe how assertions and protocol messages are combined with
bindings for a particular use case, such as Web browser single sign-on.
Examples of how SAML will be used as the foundation for authentication
and authorization services include:
- Enabling single sign-on among trusted partners. The user
authenticates at the source Web site, then is allowed to access
Web resources hosted by different vendors without having to
reauthenticate.
- Allowing applications to identify users (authentication assertions),
then grant access based on authorization assertions and local
policies.
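The Web single sign-on pull model sketched by the assertion/protocol description and the two use cases above, as an added example (Python; not Sun ONE Identity Server code): the destination site sends a samlp:Request carrying the artifact it received via the browser redirect, the source site answers with a samlp:Response holding one assertion with an authentication, an attribute and an authorization decision statement, and the destination validates the response before trusting it. Element, attribute and namespace names follow SAML 1.0; the issuer, audience, subject, resource, attribute namespace and artifact values are constructed sample data, and the SOAP envelope and XML-DSIG signature are omitted.

```python
# Added example: SAML 1.0 Web SSO pull model, both sides' messages plus the
# destination-side validation. Constructed sample data; no SOAP envelope,
# no XML-DSIG signature (both are required in a real deployment).
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

SAML = "urn:oasis:names:tc:SAML:1.0:assertion"
SAMLP = "urn:oasis:names:tc:SAML:1.0:protocol"
ET.register_namespace("saml", SAML)
ET.register_namespace("samlp", SAMLP)
SAMPLE_NOW = datetime(2003, 1, 1, 12, 0, 0)  # constructed clock value (UTC)

def ts(t): return t.strftime("%Y-%m-%dT%H:%M:%SZ")
def parse_ts(s): return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def build_request(request_id, artifact, now):
    """Destination -> source: resolve the artifact carried by the browser redirect."""
    req = ET.Element(f"{{{SAMLP}}}Request", MajorVersion="1", MinorVersion="0",
                     RequestID=request_id, IssueInstant=ts(now))
    ET.SubElement(req, f"{{{SAMLP}}}AssertionArtifact").text = artifact
    return ET.tostring(req, encoding="unicode")

def build_response(request_xml, now, issuer, audience, user, resource):
    """Source -> destination: Success status plus one assertion with all three statements."""
    req = ET.fromstring(request_xml)
    resp = ET.Element(f"{{{SAMLP}}}Response", MajorVersion="1", MinorVersion="0",
                      ResponseID="resp-0001", InResponseTo=req.get("RequestID"), IssueInstant=ts(now))
    ET.SubElement(ET.SubElement(resp, f"{{{SAMLP}}}Status"), f"{{{SAMLP}}}StatusCode", Value="samlp:Success")
    a = ET.SubElement(resp, f"{{{SAML}}}Assertion", MajorVersion="1", MinorVersion="0",
                      AssertionID="asrt-0001", Issuer=issuer, IssueInstant=ts(now))
    cond = ET.SubElement(a, f"{{{SAML}}}Conditions", NotBefore=ts(now - timedelta(minutes=1)),
                         NotOnOrAfter=ts(now + timedelta(minutes=5)))
    arc = ET.SubElement(cond, f"{{{SAML}}}AudienceRestrictionCondition")
    ET.SubElement(arc, f"{{{SAML}}}Audience").text = audience

    def subject(stmt):  # every SAML 1.0 statement names its subject
        s = ET.SubElement(stmt, f"{{{SAML}}}Subject")
        ET.SubElement(s, f"{{{SAML}}}NameIdentifier").text = user

    authn = ET.SubElement(a, f"{{{SAML}}}AuthenticationStatement", AuthenticationInstant=ts(now),
                          AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password")
    subject(authn)
    attr = ET.SubElement(a, f"{{{SAML}}}AttributeStatement")
    subject(attr)
    role = ET.SubElement(attr, f"{{{SAML}}}Attribute", AttributeName="role",
                         AttributeNamespace="urn:example:attrs")  # constructed attribute namespace
    ET.SubElement(role, f"{{{SAML}}}AttributeValue").text = "buyer"
    authz = ET.SubElement(a, f"{{{SAML}}}AuthorizationDecisionStatement", Resource=resource, Decision="Permit")
    subject(authz)
    ET.SubElement(authz, f"{{{SAML}}}Action", Namespace="urn:oasis:names:tc:SAML:1.0:action:rwedc").text = "Execute"
    return ET.tostring(resp, encoding="unicode")

def validate_response(response_xml, expected_request_id, trusted_issuers, my_audience, now):
    """Destination-side checks before trusting the assertion; raises ValueError on any failure.
    Returns (subject, {attribute: [values]}, {resource: (decision, [actions])})."""
    resp = ET.fromstring(response_xml)
    if resp.tag != f"{{{SAMLP}}}Response" or resp.get("MajorVersion") != "1":
        raise ValueError("not a SAML 1.x Response")
    if resp.get("InResponseTo") != expected_request_id:
        raise ValueError("InResponseTo does not match our RequestID")
    code = resp.find(f"{{{SAMLP}}}Status/{{{SAMLP}}}StatusCode")
    # StatusCode/@Value is a QName such as samlp:Success; compare its local part
    if code is None or code.get("Value", "").split(":")[-1] != "Success":
        raise ValueError("source site did not report Success")
    a = resp.find(f"{{{SAML}}}Assertion")
    if a is None or a.get("Issuer") not in trusted_issuers:
        raise ValueError("missing assertion or untrusted Issuer")
    cond = a.find(f"{{{SAML}}}Conditions")
    if cond is not None:
        nb, na = cond.get("NotBefore"), cond.get("NotOnOrAfter")
        if (nb and now < parse_ts(nb)) or (na and now >= parse_ts(na)):
            raise ValueError("assertion outside its NotBefore/NotOnOrAfter window")
        audiences = [x.text for x in cond.iter(f"{{{SAML}}}Audience")]
        if audiences and my_audience not in audiences:
            raise ValueError("assertion not addressed to this audience")
    authn = a.find(f"{{{SAML}}}AuthenticationStatement")
    if authn is None:
        raise ValueError("no AuthenticationStatement: identity not established")
    subject = authn.findtext(f"{{{SAML}}}Subject/{{{SAML}}}NameIdentifier")
    attrs = {at.get("AttributeName"): [v.text for v in at.iter(f"{{{SAML}}}AttributeValue")]
             for at in a.iter(f"{{{SAML}}}Attribute")}
    decisions = {d.get("Resource"): (d.get("Decision"), [x.text for x in d.iter(f"{{{SAML}}}Action")])
                 for d in a.iter(f"{{{SAML}}}AuthorizationDecisionStatement")}
    return subject, attrs, decisions

def demo():
    """Run the exchange, then confirm that an expired or misaddressed assertion is refused."""
    src, dst, cart = "https://source.example", "https://dest.example", "https://dest.example/cart"
    req = build_request("req-42", "c2FtcGxlLWFydGlmYWN0", SAMPLE_NOW)  # constructed artifact
    resp = build_response(req, SAMPLE_NOW, src, dst, "alice", cart)
    subject, attrs, decisions = validate_response(resp, "req-42", {src}, dst, SAMPLE_NOW)
    refused = []
    for label, aud, now in (("expired", dst, SAMPLE_NOW + timedelta(minutes=10)),
                            ("wrong audience", "https://other.example", SAMPLE_NOW)):
        try:
            validate_response(resp, "req-42", {src}, aud, now)
        except ValueError:
            refused.append(label)
    return {"subject": subject, "attrs": attrs, "decisions": decisions, "refused": refused}
```

Calling demo() runs the whole exchange and returns the subject, attributes and authorization decision the destination may now act on, plus the two refusals. Two things the example deliberately leaves out must be present in a real relying party: verification of the XML-DSIG signature over the response (otherwise any party can mint assertions naming a trusted Issuer), and one-time use of each artifact so a captured redirect cannot be replayed.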
The Sun ONE Identity Server 6.0 will support the open industry standard
SAML specification as the framework for interoperability across
different security domains, applications and security infrastructure.
The following white paper illustrates the Sun ONE Identity Server 6.0
SAML Service architecture and how it interacts with the other Sun ONE
Identity Server 6.0 components, tabulates the SAML 1.0 specification
support in the Sun ONE Identity Server 6.0 product, and diagrams an
example of how SAML will be used (a Web single sign-on pull model):
http://wwws.sun.com/software/products/identity_srvr/wp_saml.pdf