The Burden of Federated Authentication

If you’ve ever had the pleasure to hear me rant on web access management then you know I like to stress the difference between authentication and authorization. Authentication is the process of ...

Published May 23, 2016

Version 1.0

authentication

authorization

BIG-IP Access Policy Manager (APM)

saml

security

Cody_Green

Employee

Joined December 29, 2011

View Profile

amolari

Cirrostratus

Jun 01, 2016

found out in the SAML-core spec allows the Subject element, while the WebSSO Profile doesn't (MUST NOT). In a few forums, some argued that the people behind the specs wanted to avoid too much binding between the SP and IdP. User's experience suffers and nothing seems to go much around about SAML 2.1..

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

The Burden of Federated Authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS