Single Sign on using SAML


SAML is a best word I have known in the recent past. While most of the website developers were not known about the SAML, SAML is in the world from 2002. SAML is used for single sign on. It uses XML.SAML comes with expiry of the validation. The validation date clearly states that the security expires on the same day.

SAML is Security Assertion Markup Language introduced by OASIS (Security Assertion Markup Language). SAML is now XML based open standard. OASIS is a consortium which drives web service standards. OASIS is a United States based organization whose members operate democratically.

SAML is in version 2.0. But still there are organizations using V1.0 and V1.1. IBM Tivoli Federated Identity manager provides SSO (single sign on) goes good with SAML.

Leading BPM software vendors like TIBCO has the compatibility with SAML and with existing Soap UI User Token authentication. SAML is gaining its momentum as the cloud computing is gaining momentum.

There are many organizations coming into picture to enable SAML for the web apps. The Web apps are having much importance than ever as the mobiles are of 3g and 4g. On the same token, the usage of TABs and Notes put the importance too much.

Working from home, logging into multiple applications with same user authentication all puts SAML in more important place. But the development community is not that much aware of SAML. SAML is more important than the time it was installed by OASIS. All Identity management software are supporting SAML.

Upgrading SAML from 1.0 or 1.1 to SAML 2.0 is an ongoing exercise in few of the organizations. TIBCO AMX BPM’s latest version is supporting SAML 2.0. How to handle SAML tokens on the day of the expiry of the validity of the security certificate is a main thing to be taken under consideration. This invites discussion both in single and multiple servers’ environment with single or multiple applications.

Knowing SAML is more important to all web app and mobile app developers and for the people working in cloud.