Myth: SAML is a complicated design.

不实说法：SAML是一个复杂的设计。

Client request with SAML token.

带有saml令牌的客户机请求。

The primary objectives of SAML are.

SAML的主要目标包括。

The SAML security token is returned.

返回SAML安全令牌。

Security Assertion Markup Language (SAML).

安全断言标记语言(SAML)。

Myth: SAML is an authentication authority.

不实说法：SAML是一个认证权威机构。

By default, SAML 1.1 assertions are supported.

在默认情况下，支持SAML 1.1断言。

Create and exchange cryptographic keys for saml.

创建并交换用于SAML的加密密钥。

Ideally the SAML assertion should be signed by STS.

理想情况下，SAML断言应该由STS签署。

Two profiles are defined in the SAML specification.

SAML规范中定义了两个配置文件。

The default implementation of AAP supports SAML 1.1.

AAP 的默认实现支持 SAML 1.1。

What are the security risks in an SAML-based system?

基于SAML的系统的安全风险是什么？

SAML does not define attribute meanings for any industry.

SAML并未为任何行业定义属性含义。

SAML has no provision for providing anonymous authentication.

SAML 没有用于提供匿名认证的功能。

SAML is an authentication protocol that is used between servers.

SAML是一个在服务器之间使用的认证协议。

The secured response contains the requested SAML security token.

安全的响应包含所请求的SAML安全令牌。

However, for simplicity we will configure STS not to sign SAML assertion.

但为简便起见，我们将STS配置为不签署SAML断言。

From the sample request XML, user identity is passed in as SAML assertion.

在这个请求示例中，以SAML断言的形式传递用户身份信息。

Consumers of assertions can either be clients or SAML authorities themselves.

断言的消费者是客户或者SAML权威本身。

Any SAML-compliant software can assert its authentication of a user or data.

任何符合SAML的软件然后都可以断言对用户或数据的认证。

Configuring SAML policy sets and bindings for a JAX-WS-based client and provider.

为基于JAX - WS的客户端和提供者配置SAML策略集和绑定。

Finally, sign the SAML assertion with the keys we created earlier in this article.

最后，使用我们在本文前面创建的密钥对SAML断言签名。

Using a SAML bearer subject confirmation token to propagate a user's identity.

使用SAML不记名主体确认令牌来传播用户身份。

This article briefly describes how to use this mechanism to support SAML assertions.

本文简要介绍如何使用这种机制支持SAML断言。

SAML is a mechanism for controlling access to resources for authenticated principals.

SAML是一种控制对已验证主体的资源进行访问的机制。

SAML? for real or were they just hype and trickery meant to spur the acquisition?

的传闻是真实的吗，或者这只是为了策动并购进行的大肆宣传？

Ability to authenticate the client by validating a SAML 1.1 signature, for this example.

通过验证一个SAML 1.1签名(对本例来说)来对客户机进行身份验证的能力。

In my next article, I will focus on explaining how to make this trust portable using SAML.

在我的下一篇文章中，我将重点解释如何通过SAML使这种信任可移植。

Together, they will associate the SAML token with a given secure conversation transaction.

这三个样式表将这个 SAML 令牌和一个给定的安全会话事务关联起来。

Security Assertion Markup Language, or SAML, is a mechanism for ensuring portable trust.

安全断言标记语言或者 SAML 是一种保证可移植信任的机制。