SAML (Security Assertion Markup Language) is the OASIS standard [1] for
representing user authentication, entitlement, and attribute information
in XML. Its most common use is to support cross-domain/federated web
single sign-on (SSO).
Now in version 2.0, SAML is widely supported in enterprise access
management products [2,3] and open source projects [4,5,6,7], but has
only recently made the jump to dynamic languages such as PHP [8] and,
now, Ruby. The OpenSSO project recently announced SAML 2.0 for Ruby
(saml2ruby) as an OpenSSO Extension [9]. The saml2ruby code, kindly
contributed by Todd Saxton, is in early, but functional form - informal
tests show that it successfully interoperates with Sun Java System
Access Manager [10].
If you’re working on a Ruby/Rails app and someone has mentioned SSO or
SAML, this should help you out. There is a sample Rails app that shows
how to get SAML-enabled with a minimum of fuss. And, need I mention it,
contributors are always welcome…
Cheers,
Pat
P.S. Apologies for the large number of footnotes. It seemed like some
amount of context was necessary…
[1] OASIS Security Services (SAML) TC | OASIS
[2]
http://projectliberty.org/liberty_interoperable/interoperable_products/saml_2_0_test_procedure_v1_0_interoperable_product_table
[3]
Sitemap DE - The Website of Informations
[4] https://opensso.dev.java.net/
[5] http://www.opensaml.org/
[6] http://lasso.entrouvert.org/
[7] http://www.zxid.org/
[8] http://blogs.sun.com/superpat/entry/switching_on_the_lightbulb
[9] https://opensso.dev.java.net/public/extensions/
[10] http://blogs.sun.com/superpat/entry/latest_opensso_extension_saml_2