转载自: http://xml.coverpages.org/saml.html [November 17, 2005] "Microsoft Says It Won't Support SAML 2.0. Microsoft Backs WS-Federation Protocols for Next Generation of Message-Based Apps." By Jeremy Kirk. From InfoWorld (November 17, 2005). "Microsoft will stick by the set of protocols it has picked for identity federation, a concept that includes single sign-on (SSO) for several different Web portals and secure transfers of data between partnered businesses. Microsoft has backed WS-Federation protocols for the next generation of message-based applications because it offers a full suite of security, message, and transaction protocols, said Don Schmidt, senior program manager for Microsoft's Identity and Access group. The company's stance is not about which protocol set is necessarily better but rather which offers a wider flexibility in accommodating federated identity... The WS-Federation protocols compete with the SAML (Security Assertion Markup Language) 2.0 specification, which so far has strong footing in the race to create secured identity federation across organizations. SAML 2.0 is backed by consortiums such as the Liberty Alliance and the Organization for the Advancement of Structured Information Standards (OASIS). SAML 2.0 protocols are fine for strictly Web single sign-on, Schmidt said. But the WS-Federation protocols are better equipped to deal with a distributed Web services environment for message reliability, transaction support and security, he said. SAML 2.0 does not have reliable messaging or transaction support, he said..." See WS-Federation Workshop. Note: WS-Federation (July 2003) was not among the specifications presented to the OASIS Web Services Secure Exchange (WS-SX) Technical Committee.
阅读全文(6096) | 回复(0) | 编辑 | 精华