[OpenID] SAML vs OpenID = SOA vs REST

Peter Williams pwilliams at rapattoni.com
Sun Dec 28 22:12:14 UTC 2008


When we adopted websso, it was on the basis that the mix of legacy and modern app we operate for folks could be isolated from the religious wars that tend to erupt over (secure) infrastructure protocols. The solution was to url enable our webapp's session managers (where both saml and openid are each  but one  assertion protocol  to be routed and switched in and out of an interworking context just much as one might redistibute some or other igp route into bgp or into an enterprise-hosted mpls-vpn switch multiplexing 100,000 trust networks connecting op agents to sp agents.)

One of our recent spokes was very concerned that the final mile api/library that we gave them (to talk to a particular offloading websso engine) would lock them into the particular vendor's websso switch. So they built yet another pre/post filter to insulate themselves from all the "value adds" - offered that vendor and all other websso switch vendors. The naure of websso is such that this is easy, and in some sense natural : they were just really defining yet another local extension/bridge.

I keep hoping that openid (being so url centric) would become the universal integration api to websso switches (much like ethernet is the almost universal first hop framing format). If openid stays however just the expression of yet another religious artifact war (soa vs rest, saml vs openid auth, ldap vs xri)  - even tacitly - it may not make it as a universal enabler.

-----Original Message-----
From: Frans Thamura <frans at meruvian.org>
Sent: Saturday, December 27, 2008 7:39 PM
To: general at openid.net <general at openid.net>
Subject: [OpenID] SAML vs OpenID = SOA vs REST


hi all

i just thinking about the new perspective of OpenID, this idea come
after i read the slide of REST vs SOA

i see the big vendor pushing SOA in their product (support by all
party, but MS modified several spec for his own purpose, also like
usually).

and there is REST, and AJAX and SaaS.

there is SAML (except MS like usually), and there are pushed by big
vendor, and there is OpenID also from community like REST

so i think REST will gain momentum and i think OpenID also will
replace the SAML in the future (enterprise market still implement this
tech and big vendor promo in very big spending to make they are
trusted than community product)



--
--
Frans Thamura
Meruvian
One Stop Java and Enterprise OSS Provider
Technopreneurship, Training, Internship, Outsourcing and Corporate
Competency Center

Mobile: +62 855 7888 699
Blog & Profile: http://frans.thamura.info

Training JENI, Medallion (Alfresco, Liferay dan Compiere).. buruan...
URL: http://www.meruvian.com
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general



More information about the general mailing list