File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services Certification (SCDJWS/OCEJWSD) and the fly likes SAML and XACML Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Certification » Web Services Certification (SCDJWS/OCEJWSD)
Bookmark "SAML and XACML" Watch "SAML and XACML" New topic
Author

SAML and XACML

Sachet Varma
Ranch Hand

Joined: Jun 07, 2009
Posts: 39
Hi,

SAML and XACML seem to be the same thing - policy languages. Thought SAML talks of assertions , which seem to adress the same thing.

Why do we need two mark up languages that seem to address the same thing? Or have I got it wrong??
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Good question!
This is how I have understood it:

SAML:
It defines a language for exchange of authentication, authorization and attribute information typically used in single sign-on, but also distributed transactions.

XACML:
A policy language for describing access control requirements. Also a access control decision request/response language to determine, for instance, whether a specific action is allowed for the current user of a web service.

I get the feeling that the latter part of XACML, the access control decision part, may be replaceable by SAML.
Best wishes!
Sachet Varma
Ranch Hand

Joined: Jun 07, 2009
Posts: 39
Thanks Ivan. Its more clear now.

So SAML talks from a subject/entity point of view where as XACML talks from a resource point of view.
 
wood burning stoves
 
subject: SAML and XACML
 
Similar Threads
Question on XML Signature
Web Services Security using SAML v2.0 and XACML
Securing XML based Web Services.---Author ?
identify, authentication, authorization
SOA Security