Access control service (SAML vs. SWT)

Access control services supports both SAML and SWT tokens, now what exactly is the difference between them




Protocol support

WS Trust, WS-federations (Soap based)

OAuth WRAP and OAuth 2.0 (HTTP REST)

Cryptographic differences

Tokens are signed using asymmetric keys (which provides CA verification, and revocation)

Tokens are signed using symmetric keys

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: