SAML v2

Discover the basics of single sign-on and how SAML assertions are finding their way into projects like OpenSSO, NetBeans and Glassfish to secure web services. SAML V2.0, approved by OASIS in March 2005, is an XML-based framework for communicating user authentication, entitlement, and attribute information. Beyond defining the industry-standard protocol for cross domain Web single sign-on (SSO), SAML is a keystone of higher level specifications such as Web Services Interoperability Basic Security Profile (WS-I BSP), the Liberty Alliance's Identity Web Service Framework (ID-WSF) and even Microsoft's Cardspace.

Pat Patterson is a software architect at Sun Microsystems, working on the OpenSSO project and Federated Access Management product line. Pat has been working on Internet security and identity management since 1997, joining Sun in 2000 as an engineering manager in the Trustbase secure Web services team. After a four-year stint in product management, he returned to engineering early in 2005, focusing on federation and identity-enabled Web services. Pat speaks regularly at a variety of forums, from one-to-one executive briefings to major industry events such as JavaOne. Pat's blog centers on identity-related topics.