How SAML -Open SSO works?

Example: A user logs into an application A and then clicks a link from Application A. Then He see information he is expecting from application B. when we simulated this transaction from load runner. The response time of the link is too high.

when I analyzed the communication of the click. I found the complete design behind the link.
and thought of implementing some component leve performance testing measure the latency of LDAP and SAML communication.

These two applications A and B can be B2B applications protected by firewalls of the respective clients. To pass information these two clients is a challenge. This issue is addresses using SAML and LDAP.

SAML is an XML standard for exchanging security-related information, called assertions, between business es over the web. The assertions can include attribute statements, authentication, decision statements, and authorization decision statements.

LDAP, the Lightweight Directory Access Protocol, is a protocol used to access a directory listing.

In the above example,

User Login to the Application A which is firewall protected by business A. 
Then he clicks a link. 
SAML Encrypted token is generated 
This is posted to a url of Business B Https://XXX.businessB.com in encrypted format 
The OIF which is associated with This URL Picks the encrypted SAML Token 
OIF does the following 
Decrypts this Token 
Verify Signature 
Finds SSN. 
It uses SSN to find Userid. To find the userID using SSN, LDAP is used. 
Identifies user associated with the SSN 

OAM comes in to Picture here. OAM Logs the user into the Application B and creates a new Session

as all these tasks are happening behind the scenes the response time is little higher than a normal clicks.

I will explain in the next post How I conducted performance Testing to find the response times of SAML communication and LDAP.

No comments:

Post a Comment