SAML 2.0: Designing secure identity federation
Anyone taking a first look at SAML will see that is complex.
As well as being a good tool to implement Single Sign-On ease organizational pain and improve security, it can also be a source to critical security vulnerabilities if design or implemented incorrectly.
SAML 2.0: Designing secure identity federation demystifies the concepts of SAML and gives beginners, as well as experience architects, a good understanding of the otherwise complex subject of SAML.
Walking through all topics from introduction to advanced you will learn
- To fully understand SAML and identity federation
- Workings of the main building blocks like NameId, bindings and assertions
- How Single Single-On and Single Logout works in detail
- Different architectural choices and implementation alternatives
- Security best practices and considerations
- Previous security vulnerabilities and what can be learned from them