axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ricky Ho <>
Subject Re: Authorization using WS security and SAML
Date Sun, 16 Mar 2003 16:38:14 GMT
SAML is about specifying the XML format of your authorization decision 
outcome (authorization assertion).  It also defines a protocol how to 
request the assertion.  SAML doesn't describe how the decision should be 
made.  XACML is attempting to standardize how such decision rules should be 
specified.  So it is completely solving an orthogonal problem.

I'm not sure how important to standardize decision making rules because 
there is NO "inter-operability" requirement for that.  There is NO need to 
communicating how I made my decision to my business partners.  The value of 
XACML is "portability" of my decision criteria across multiple vendor 
products.  However, "portability" has never been a goal for any XML 
standard.  It is arguable how important XACML will be.

Best regards,

At 06:38 PM 3/16/2003 +0530, Nisha Menon wrote:
>i am trying to create an authorization module for web services that is 
>independant of the application and to authorize i've chosen to use 
>WS-Security and SAML.
>would anyone on this list be familiar with similar implementation? or have 
>any references for the same?
>also, how does XACML compare to SAML?
>thank you,
>Information contained in this E-MAIL being proprietary to Wipro Limited is
>'privileged' and 'confidential' and intended for use only by the individual
>  or entity to which it is addressed. You are notified that any use, copying
>or dissemination of the information contained in the E-MAIL in any manner
>whatsoever is strictly prohibited.

View raw message