It defines a language for exchange of authentication, authorization and attribute information typically used in single sign-on, but also distributed transactions.
A policy language for describing access control requirements. Also a access control decision request/response language to determine, for instance, whether a specific action is allowed for the current user of a web service.
I get the feeling that the latter part of XACML, the access control decision part, may be replaceable by SAML.
Joined: Jun 07, 2009
Thanks Ivan. Its more clear now.
So SAML talks from a subject/entity point of view where as XACML talks from a resource point of view.