SAML & OAuth 2.0

-

Both SAML (Security Assertion Markup Language) and OAuth 2.0 are widely used protocols for authentication and authorization in web applications, but they serve different purposes.

SAML (Security Assertion Markup Language)

  • Purpose: Primarily designed for authentication and single sign-on (SSO).
  • How it works: A user attempts to access a service provider (SP). The SP redirects the user to an identity provider (IdP). The IdP authenticates the user and sends a SAML assertion to the SP. The SP validates the assertion and grants access to the user.
  • Common use cases: Enterprise applications, government services, and federated identity management systems.

OAuth 2.0

  • Purpose: Designed for authorization, allowing users to grant third-party applications access to their data on a specific service.
  • How it works: A user attempts to access a resource on a service provider. The SP redirects the user to the authorization server. The user grants permission to the application. The authorization server issues an access token to the application. The application uses the access token to access the resource on the SP.
  • Common use cases: Social media integration, APIs, and mobile applications.

 

Key Differences:

Feature SAML OAuth 2.0
Primary Purpose Authentication and SSO Authorization
Scope User Identity Resource Access
Flow Assertion based Token-based
Typical Use Cases Enterprise applications, government services API's, Third party system integration

When to Use Which

  • SAML: If you need to establish trust between organizations and provide single sign-on capabilities.
  • OAuth 2.0: If you need to grant third-party applications access to specific resources on your service.

In summary, SAML focuses on user identity and authentication, while OAuth 2.0 focuses on resource access and authorization. The choice between the two depends on the specific requirements of your application

Comments

Post a Comment

Popular posts from this blog

PUTTY - The server's host key is not cached in the registry cache

-
Error: "The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is. The server's rsa2 key fingerprint is: [SSH KEY FINGERPRINT] If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection. Store key in cache? (y/n) y" Answer: Simply run this command in your windows preferred terminal (cmd.exe etc) and agree to accept the host and store the cache: C:\Program Files (x86)\PuTTY\plink.exe -ssh [SSH USERNAME]@[SSH HOST] -P [SSH PORT] echo y | pscp -i /path/to/key/file user@remote:/tmp/file  . echo y | plink -i /path/to/key/file scripts.sh Usually you would hit “y” here, assuming the host key is correct, in order to store it in future connection.  The storage of this goes into the Registry under ...
Read more

OIM-12c Installation - FMW - SOA - IDM

-
Image
Oracle Identity Manager (OIM) 12c Installation Prerequisites: The Oracle Identity Manager software includes the following: 1] Oracle's Java Development Kit (JDK) 1.8 (jdk-8u311-linux-x64.tar.gz) 2]  Fusion Middleware 12.2.1.4.0 3]  SOA Suite 12.2.1.4.0 4] Oracle Identity and Access Management  12.2.1.4.0 What Do You Need? For completing Oracle IDM Setup you will need, Environment as below: Oracle Enterprise Linux 6 or similar, with access to the Internet At least 8GB RAM (16GB recommended) An Oracle Database Enterprise Edition 12 or superior installed and running. Note: Installing a Database for Identity and Access Management (IDM) Suite provides instructions on how to install an Oracle Database that is suitable for Oracle Identity and Access Management Suite. oracle and root user credentials SYS database user credentials Basic understanding of Linux An Oracle Technology Network (OTN) account OIM-11g PS3 Installation Steps: Just for reference https://www.oracle.com/webfol...
Read more

Apache Kafka - Zookeeper

-
Apache Kafka - Zookeeper Tutorial Topics covered in this article as below: Need of Messaging System What is Kafka? Kafka Features Kafka Components Kafka Architecture Installing Kafka Working with Single Node Broker Cluster 1. Need of Messaging System Data pipelines - Communication is required between different systems in the real-time scenario, which is done by using data pipelines Chat Server -----------Data Pipeline---------------> Database server Many services are communicating with various internal systems like front-end, back-end Api, database server, security system, real-time monitoring, chat server etc. Messaging systems helps managing complexity of above pipelines. so Kafka helps here to decouples data pipelines Key entity involved in Kafka Producer (Publisher) Consumer (Subscriber) 2. What is Kafka? (High throughput distributed messaging system) Apache Kafka is a distributed publish-subscribe messaging system It was originally developed at Linked-In and later became part ...
Read more