Back to Security Pattern Catalog




Assertion Builder


Classification Key : Perimeter Security, Information Disclosure

Problem

Security assertions are authentication and authorization related information exchanged between trusted service providers and requesters, and are used as a common mechanism for enabling applications to support SSO. To enable a trusted environment, we need to address the requirements of SSO with heterogeneous applications, discrete authentication schemes, authorization policies, and other related attributes in use. How can we keep the security information about a subject and use it for SSO?

Solution

Encapsulate the processing control logic in order to create SAML authentication statements, authorization decision statements and attribute statements as a service. Create appropriate SAML header. Expose the assertion builder as a service.

Known Uses

Web service using SAML.

Related Patterns

Single Sign On

Source

Sun Book

Tags

Single Sign On, Identity


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz