Anchor | ||||
---|---|---|---|---|
|
Article donated by: Simon Godik, Hernan Cunico
Login Domain
According to the SAML specification saml a principal is a system entity whose identity can be authenticated. Identity Provider is a service provider that creates, maintains, and manages identity information for principals [and provides principal authentication to other service providers (not to get too entangled)];
A principal can have any number of attributes; identity is just one of them; Other attributes are groups, locations, etc; Logically these values are asserted by the Attribute Authority based on the identity; In practice Identity Provider and the Attribute Authority are usually collocated (although in complex SOA models providers can form a federation for identities and attributes);
...