

Choosing an SSO Strategy: SAML vs OAuth2 - ejdyksen
http://www.mutuallyhuman.com/blog/2013/05/09/choosing-an-sso-strategy-saml-vs-oauth2/

======
sk5t
Some minor notes:

Conventionally, "authn" means authentication, "authz" means authorization, and
plain old "auth" doesn't mean anything in particular.

I don't think it makes sense to blame SAML for the awkwardness of using the
passive browser sign-in scenario for something for which it was not designed.
There are other profiles and other protocols available from any competent
security token service.

Also bear in mind there is a tremendous amount of confusion around the SAML
terminology, which can mean the token format, or the protocol for exchanging
authentication request messages, which are entirely separate things.

------
brugidou
Naïve question: why isn't any service on the internet providing SSO using
Kerberos? The protocol seems to be appropriate.

