Access control service (SAML vs. SWT)

Access control services supports both SAML and SWT tokens, now what exactly is the difference between them

   

SAML

SWT

Protocol support

WS Trust, WS-federations (Soap based)

OAuth WRAP and OAuth 2.0 (HTTP REST)

Cryptographic differences

Tokens are signed using asymmetric keys (which provides CA verification, and revocation)

Tokens are signed using symmetric keys

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: