How is OAuth different from using SAML and XACML?
rickwordy asked this question on the blog. I haven't seen XACML before, anyone fancy a guess?
4 people have this question
-
I got some feedback along the lines of: "It’s not [an] overly complex data representation. It’s a simple protocol for a very specific need."
-
Bits of OAuth are logically similar to bits of SAML, XACML, and some Liberty pieces.
XACML is a syntax for expressing authz policies. So, the permissions the User defines at a Service Provider through OAuth could be captured in XACML. It would probably be overkill unless there were important distinctions, i.e. Consumer1 can read, Consumer2 can write, etc. to capture and you wanted some freedom from capturing such rules in a proprietary format.
As I see it, more than SAML, OAuth could be compared to Liberty's ID-WSF, i.e. as a framework for getting user consent for attribute sharing and securing the resulting API calls. Lots of differences, REST vs SOAP, simple vs complex, trust models, etc., but the use cases are very similar.
paul



