SAML (Security Assertion Markup Language) -- Simplified

-

As discussed earlier SAML provides the web SSO as in the earlier blog on SSO.

By Definition SAML is-

Security Assertion Markup Language is an XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

Breaking it down.

IdP is the Identity Provider -- someone who has a database containing usernames and passwords. For eg. Google apps.

SP is service provider -- a service we would like to use. For eg. apps like soundcloud and etc which allow us to log into their service using the credentials stored in IdP.

So basically, if you want to add a comment to this blog post, you would have to authenticate with Google apps over the Browser and one Google identifies you as the right user, will allow you to access this resource and leave a comment. This is quite simply SAML at work.

The below video is amazing and a must watch to just understand it further.


For something more detailed see below


Popular posts from this blog

Ansible - Error - stderr: E: There are problems and -y was used without --force-yes

-
Image
In case your tasks is to install some packages and it errors out as below - name: Install linux-headers apt: pkg={{item}} state=installed install_recommends=yes update_cache=yes with_items: - linux-headers-generic - dkms sudo: yes failed: [parallelsUbuntu] => (item=linux-headers-generic,dkms) => {"failed": true, "item": "linux-headers-generic,dkms"} stderr: E: There are problems and -y was used without --force-yes stdout: Reading package lists... Building dependency tree... Reading state information... The following extra packages will be installed:   cpp fakeroot gcc libfakeroot linux-headers-3.13.0-63   linux-headers-3.13.0-63-generic patch Suggested packages:   cpp-doc dpkg-dev debhelper gcc-multilib manpages-dev autoconf automake1.9   libtool flex bison gdb gcc-doc diffutils-doc The following NEW packages will be installed:   cpp dkms fakeroot gcc libfakeroot linux-headers-3
Read more

Error: SMTPIN_ADDED_BROKEN@mx.google.com

-
Some times we see the below in the email header information. SMTPIN_ADDED_BROKEN@mx.google.com The cause of the "...SMTPIN_ADDED_BROKEN@mx.google.com" is because of the 'https://' in the original Message-ID, which is not allowed. There could be some dodo systems which might be doing this and they would need to be tweaked to now allow message-id (see my earlier posts on what it means) and to have https!
Read more