Top SAML Interview Questions (2020) | CodeUsingJava

Most frequently asked SAML Interview Questions

What is SAML?

  • Security Assertion Markup Language (SAML) is an XML-based framework used to authenticate and authorize users and to communicate a user's attributes and privileges.
  • It provides numerous benefits to enterprises, organizations and governments.

What are the main features of SAML?

  • Seamless integration.
  • Security domains can exchange information.
  • Back-office transactions.
  • Single Sign-On can be performed, that is, the ability to authenticate in one security domain and use the protected resources of another security domain.
  • XML-based framework for sharing security information over the Internet.

What is Authentication in SAML?

  • Authentication determines whether users are who they claim to be.
  • It validates the user's identity and decides if the user is valid or not.

What is Authorization in SAML?

  • Authorization determines whether users have the right to access certain systems or content.
  • It establishes whether or not the user has a specific permission, after successful authentication.

On which protocols does SAML work?

SAML works on the following protocols:
  • Hypertext Transfer Protocol (HTTP)
  • Simple Mail Transfer Protocol (SMTP)
  • File Transfer Protocol (FTP)
  • Electronic Business XML

What is Single Sign-On?

  • Single Sign-On is the process of logging in to one site and then being logged in to another site based on your login to the first site.
  • Single sign-on (SSO) is a property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to any of several related systems.

What are the benefits of using SAML?

It offers many benefits, such as:
  • No need to provide credentials again and again.
  • SAML messages are secured using the latest encryption.
  • SAML sessions can be re-validated at the IdP/SP to check whether the session has timed out.
  • Additional information about the user can be provided.
  • Improved online experience for end users.
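
The session re-validation mentioned in the list above, as an added example (not code from the original page): a service provider checks an assertion's `Conditions` window at login and its `SessionNotOnOrAfter` limit on later requests. The sample assertion, function names and 60-second clock-skew allowance are assumptions, and the XML signature must be verified with a SAML library before any of these values are trusted.

```python
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (not from the page); signature omitted.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_example" Version="2.0" IssueInstant="2020-01-01T10:00:00Z">
  <saml:Conditions NotBefore="2020-01-01T09:59:00Z"
                   NotOnOrAfter="2020-01-01T10:05:00Z"/>
  <saml:AuthnStatement AuthnInstant="2020-01-01T10:00:00Z"
                       SessionNotOnOrAfter="2020-01-01T18:00:00Z"/>
</saml:Assertion>
"""

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values, optionally with fractions.
    fmt = "%Y-%m-%dT%H:%M:%S.%fZ" if "." in value else "%Y-%m-%dT%H:%M:%SZ"
    return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)

def assertion_acceptable(xml_text, now, skew=timedelta(seconds=60)):
    """Login-time check: is `now` inside the Conditions validity window?"""
    cond = ET.fromstring(xml_text).find("saml:Conditions", NS)
    if cond is None or "NotOnOrAfter" not in cond.attrib:
        return False  # fail closed: a policy choice made for this example
    not_before = cond.get("NotBefore")
    if not_before and now + skew < _ts(not_before):
        return False  # assertion is not valid yet
    return now - skew < _ts(cond.get("NotOnOrAfter"))

def session_expired(xml_text, now):
    """Per-request check: has the IdP-imposed session limit passed?"""
    stmt = ET.fromstring(xml_text).find("saml:AuthnStatement", NS)
    limit = stmt.get("SessionNotOnOrAfter") if stmt is not None else None
    if limit is None:
        return False  # no IdP limit; the SP's own session timeout applies
    return now >= _ts(limit)

if __name__ == "__main__":
    at_login = datetime(2020, 1, 1, 10, 2, tzinfo=timezone.utc)
    evening = datetime(2020, 1, 1, 18, 30, tzinfo=timezone.utc)
    print("accept at login:", assertion_acceptable(SAMPLE_ASSERTION, at_login))
    print("expired at 18:30:", session_expired(SAMPLE_ASSERTION, evening))
```

When `session_expired` returns true, the SP ends its local session and sends the user back to the IdP to authenticate again.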

What is the major difference between SAML and OAuth?

  • SAML, which stands for Security Assertion Markup Language, is an umbrella standard that encompasses profiles, bindings and constructs to achieve Single Sign-On (SSO), Federation and Identity Management.
  • OAuth, i.e. Open Authorization, is a standard for authorization of resources. It does not deal with authentication.