In a typical Single Sign-On (SSO)/Federation scenario using SAML, the Service Provider (SP) initiates the user authentication request using SAML AuthnRequest assertion with an Identity Provider (IDP). The IDP authenticates the principal and returns a SAML AuthnStatement assertion response confirming the user authentication. If the user is successfully authenticated, the SP is required to have the subject’s profile attributes of the authenticated… Read more »
Are you tired of the high-level SPML content floating around the web from couple of analysts with no practical guidance ! If you are a practical guy..who want to explore SPML, here is something that you may find worth test-driving for SPML 1.0 amd SPML 2.0 based provisioning operations. I had been using SPML using Sun IDM 7.0 for a while now. Most… Read more »
Last week, I was at RSA Conference and I joined a panel with Mark Diodati (Burton Group) and Sampo Kellomaki (Symlabs) to discuss interoperable Identity provisioning ! I delved into SPML 2.0 and highlighted the strategies of using SPML 2.0 for interoperable provisioning. Here is the link to our slides – Interoperable Identity Provisioning in a Distributed World (With emphasis… Read more »
I had multiple opportunities to work on SPML based user-provisioning with Sun Java System Identity Manager. I found SPML as a very compelling standard, it worked as piece-of-cake on Sun IDM that certainly simplified my efforts on representing provisioning requests intended for creating, modifying, canceling, deleting, enabling, disabling, searching user accounts and associated access control privileges with multiple resources. Naturally… Read more »