Friday December 22, 2006
Friday December 22, 2006
SAML vs. WS-Federation
Following my recent post on the (very) quiet publication of W-Federation, I was pointed at this excellent document that compares SAML and WS-Federation and explains why SAML is a better choice. This document is even more remarkable when one notices that it has been written by people working for the Government of Denmark obviously an impartial 3rd party.
I highly recommend this reading if you're in the process of selecting technology for identity federation or if you're just interested in understanding both specifications and some of their key differences. For those who don't have time I'm reproducing the main table in the Danish document below (I did not ask for permission but hopefully it's ok...):
| requirements | SAML2.0 | WS-Federation |
| Functionality related to requirements
|
Equal | Equal |
| Support of the standard in commercially available products
|
Advantage | |
| Microsoft support
|
Advantage | |
| Proven usability from use in solutions in production
|
Advantage | |
| Assessments by analyst companies
|
Advantage | |
| Based on an adopted standards (e.g. within OASIS)
|
Advantage | |
| Interaction with the other adopted standards, XACML and SPML | Advantage | |
| Future development of the standard | Consolidation is expected
|
Consolidation is expected
|
| Third party Interop Testing/Interoperability Certification | Advantage |
The document goes into more detail for each of those requirements and how the came to the conclusion presented in the table. I think this is a fair assessment of the situation!
Posted at 10:00AM Dec 22, 2006 by Hubert A. Le Van Gong in Identity | Comments[1]
Posted by james on December 22, 2006 at 02:40 PM PST #