wood burning stoves 2.0*
The moose likes Web Services Certification (SCDJWS/OCEJWSD) and the fly likes SAML and XACML Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Certification » Web Services Certification (SCDJWS/OCEJWSD)
Bookmark "SAML and XACML" Watch "SAML and XACML" New topic
Author

SAML and XACML

Sachet Varma
Ranch Hand

Joined: Jun 07, 2009
Posts: 39
Hi,

SAML and XACML seem to be the same thing - policy languages. Thought SAML talks of assertions , which seem to adress the same thing.

Why do we need two mark up languages that seem to address the same thing? Or have I got it wrong??
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Good question!
This is how I have understood it:

SAML:
It defines a language for exchange of authentication, authorization and attribute information typically used in single sign-on, but also distributed transactions.

XACML:
A policy language for describing access control requirements. Also a access control decision request/response language to determine, for instance, whether a specific action is allowed for the current user of a web service.

I get the feeling that the latter part of XACML, the access control decision part, may be replaceable by SAML.
Best wishes!
Sachet Varma
Ranch Hand

Joined: Jun 07, 2009
Posts: 39
Thanks Ivan. Its more clear now.

So SAML talks from a subject/entity point of view where as XACML talks from a resource point of view.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SAML and XACML