Toolkit plugs security gap in e-services

Netegrity's JSAML Java-based toolkit enables firms and independent software developers to create and deploy SAML-ready solutions. This would help businesses to provide authorisation and single sign-on for end-users who access their systems through trading partners in the supply and value chain--a facility not offered by Web services standards such as Soap, WSDL and UDDI.

Bill Bartow, vice president of marketing at Netegrity, said, "We're a little ahead of the market because the [SAML] specification is not finalised; but most people want to get into the market and they can use the toolkit now." He said the final draft of SAML should be submitted to the Oasis steering committee in the next two months.

The toolkit is free and should be available from Netegrity's Web site by 30 October. It will consist of a set of Java classes containing code to create SAML documents; instructions on how to put them together and bind to other formats such as HTTP and S/MIME; and information on how to use documentation, together with accompanying sample code.

He added the toolkit would solve the problem for firms with different applications and infrastructures, which currently have no way to securely share information about who their users are or what they do, including information such as credit limits.