[ davekearns saml xacml ]
Over at NetworkWorld's Security: Identity Management Alert, Dave Kearns weighs in on the ongoing federated provisioning debate with Federated provisioning could exist. While Dave is right to highlight the promise of the Liberty Alliance's Identity Governance Framework (IGF), he is way off the mark regarding XACML and SAML. Dave writes:
Some have suggested that XACML (eXtensible Access Control Markup Language) might be the answer. But it [...] suffers from the same problem as SPML (no interaction with SAML) [...]
This is patently not true! Four years ago, OASIS defined the interaction between XACML and SAML in SAML 2.0 profile of XACML v2.0 [PDF], part of the XACML 2.0 specification set. Since then, SAML/XACML has been implemented in a range of products, including Sun OpenSSO Enterprise, with interoperability between seven vendors' products demonstrated at the OASIS XACML Interop Demo (held at the RSA Conference, April 2008).
XACML and SAML, best buddies since February 2005 
![[Feed]](http://blogs.sun.com/roller/resources/superpat/feed-icon16x16.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}
Pat,
Re: "XACML and SAML - a Match Made in... 2005"
I laughed so much at this I nearly choked.
Great post.
Wayne
Posted by Wayne Horkan on February 27, 2009 at 05:24 PM PST #
Will you be blogging shortly on how Sun will embrace the Oasis IGF and when it will release an implementation...
Posted by James on March 06, 2009 at 03:55 AM PST #
Sure - when we have something to say on the topic. BTW - IGF is not at OASIS - it's at Liberty Alliance.
Posted by Pat Patterson on March 06, 2009 at 09:39 AM PST #
James - will you be blogging on how you would use IGF?
Posted by Pat Patterson on March 06, 2009 at 09:50 AM PST #