[Owasp-leaders] Token specification

James McGovern JMcGovern at virtusa.com
Wed Nov 17 11:56:49 EST 2010

Have you ever attempted to integrate via custom code a Federated Identity Solution with a Web Access Management solution and ran into challenges were standards were an impediment? Please see http://www.oasis-open.org/committees/download.php/40220/draft-saml-session-token-01.odt Oracle is proposing a new standard (with some encouragement from a loudmouth who runs the Hartford chapter) to get over the hurdles of this type of integration and is very applicable to sites that use CA Siteminder, Yale CAS or equivalents. 


Would be great if others could provide feedback on the security, functionality, etc on this specification…



Virtusa was recently ranked and featured in 2010 Global Services 100, IAOP's 2010 Global Outsourcing 100 sub-list, 2009 Deloitte Technology Fast 500 and 2009 Dataquest-IDC Best Employers Survey among others.


This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is intended for the addressee only. Any unauthorized disclosure, use, dissemination, copying, or distribution of this message or any of its attachments or the information contained in this e-mail, or the taking of any action based on it, is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail and delete this message.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20101117/9bf4e75e/attachment-0001.html 

More information about the OWASP-Leaders mailing list