In the authorization service example, a user is accessing an ASP-hosted application that her company is using. She navigates to a secure area of the application which requires special permissions. The ASP application can then use the SAML protocol to ask her company’s security system whether to allow her to access that secure area.
- An issuing authority decides whether to grant the request by subject "S" for access type "A" to resource "R" given evidence "E"
- Useful for distributed transactions and authorization services
- The subject could be a human or a program
- The resource could be a web page or a web service, for example
There might be more information for this subject on one of the following: