SAML parfait

There are lots of ways to convey the concepts and features of SAML. After writing about it and giving presentations on it for a long time, and having cogitating on JeffH’s very useful How to Study and Learn SAML, I thought I might try a new way of illustrating SAML’s features and modularity that can serve as a fairly complete quick reference. Everybody likes parfait, right? Let’s see how well it works as an educational tool.

This “default” diagram shows the SAML framework that you get out of the box and — I hope — the potential for profiles to use whatever lower-level bits make sense. (Click to enlarge the diagrams.)

SAML framework parfait
SAML framework parfait

You could annotate the default diagram for various purposes, such as discussing a proposed profile or extension. This “profiled” diagram shows how the web browser single sign-on profile points specifically to various protocols, assertion statements, and bindings to turn a particular set of use cases into something interoperable.

SAML framework with web SSO highlighted
SAML framework parfait with web SSO highlighted

(I want to add subject confirmation methods somewhere, but can’t figure out a good way to do it. Maybe they’re just too much detail for this.)

I’d love to get feedback from the newbie, in-the-know, teacher, and comparative perspectives. So, any comments? Suggestions? Anecdotes?

No tags for this post.

3 Comments to “SAML parfait”

  1. Colin Wallis 27 February 2007 at 1:09 pm #

    I love your site Eve.
    Everytime I come back there’s more great stuff.
    And it’s real important too. There are developers out there who are just starting out on this stuff and find it hard to know where to begin. It’s easier after you’ve lived with it for a few years. And actually we forget just how hard it is for newbies to get a handle on it.
    Well done grrl:-)

  2. Eve 27 February 2007 at 2:16 pm #

    Hey, thanks, Colin!

  3. […] SAML parfait diagram experiment went pretty well. I heard from a number of people who found it helpful, and one […]