SAML architecture

SAML is the most complete, secure and mature solution for achieving identity federation. SAML defines three main kinds of servers:

  • Federation metadata server. Publishes information about the federation members, their protocols and capabilities. Federation members trust only other federation members.
  • Identity providers are able to identify the user and publish their information to any application that requires it.
  • Service providers are standard application servers that rely on identity providers to let users log in.

For now, we will focus on the single log-in and single log-out use cases, but bear in mind that SAML defines many more use cases.

Use Cases

Single Log-in

The single log-in is usually initiated by the application server. The typical UML use case is as follows:

Single Log-out

&&TODO&&