Overview#

In the authorization service example, a user is accessing an ASP-hosted application that her company is using. She navigates to a secure area of the application which requires special permissions. The ASP application can then use the SAML protocol to ask her company’s security system whether to allow her to access that secure area.
  • An issuing authority decides whether to grant the request by subject "S" for access type "A" to resource "R" given evidence "E"
  • Useful for distributed transactions and authorization services
  • The subject could be a human or a program
  • The resource could be a web page or a web service, for example

Example#

<saml:Assertion...>
	<saml:AuthorizationStatement
		Decision="Permit"
		Resource="http://services.willeke.biz/rpt_12345.htm">
		<saml:Subject>...</saml:Subject>
		<saml:Actions
			ActionNamespace="http:/...core-25/rwedc">
			<saml:Action>Read</saml:Action>
		</saml:Actions>
	</saml:AuthorizationStatement>
</saml:Assertion>

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-5) was last changed on 11-Jun-2015 16:57 by jim