Re: [saml-dev] Why Liberty if SAML provides the authentication framework?

["Conor P. Cahill" <concahill@aol.com>]

Kapil Sachdeva wrote on 9/6/2004, 2:37 PM:

I went through the technical overview of SAML 1.1 standard. Grasped most of the cocepts behind SAML such as its an XML framework for exchanging authentication, authorization & attribute information between 2 (or more) portal/services. SAML also provide protocol bindings. SAML also explains the use cases and show the way authentication/authroization/attribute information can be exchanged using Browser/artifact and Browser/post examples.

SAML1.1 does
provide a framework upon which you can build a fully operational,
privacy aware SSO environment.  This is, in fact, what Liberty did. 
Liberty added functionality in the areas of:

• Identity Federation Protocols (how 2 parties agree on an identity handle for the user)
  
• Single Logout Protocols
• Privacy protection
• Authentication Context
• Metadata distribution
• Authentication request extensions
  
• IDP location (Common domain cookie)
• Enabled Client/Proxy
  
• Identity Affiliations
  

Liberty
subsequently contributed their work back into the SSTC and the SSTC has
incorporated it into the SAML 2.0 work that is currently in progress.  
People who understand or have implemented Liberty ID-FF, will feel
right at home with SAML 2.0.

Conor