Draft Content - In a Nutshell Three parties: User Asserting Party (creates Assertions/Artifact) = "Authentication Server" Relying Party (verifies Assertions/Artifact) SAML Push Model Uses Assertions in a "Call by value" style SAML Pull Model Uses Artifacts in a "Call by reference" style Two ways of attaching the Assertions/Artifacts Separate exchange with the Authentication Server SIP messages traverse Authentication Server |