What’s SPML?

December 6, 2005

SPML is the acronym of Service Provisioning Markup Language, (服务供应标记语言,or 服务配置标记语言). It’s an important protocol currently used at web based identity management and the corresponding connection with Human Resource systems.

It’s developed by Sun and Waveset to offer integrated identity manangement solutions for Peoplesoft, and then submitted to OASIS for an industry standard. The original goal of the SPML protocol is to connect Sun ONE Identiy Server, Sun Java System Directory Server, Waveset Lighthouse, and PeopleSoft to help manage all related resources.

The SPML architecture consists of the following three components:

  • Requesting Authority (RA): This is the client in the SPML scheme of things. It creates well-formed SPML documents and sends them as requests to the SPML service point. These requests describe an operation to be performed at specific service points. For an RA to issue a request to an SPML service point, a trust relationship must exist between the RA and the SPML service point. Even an SPML service point can act as an RA when it issues an SPML request to another service point.
  • Provisioning Service Point (PSP): This is the component that listens to the request from the RA, processes it, and returns a response to the RA. Any component that listens and processes well-formed SPML documents is called a Provisioning Service Point.
  • Provisioning Service Target (PST): This is the actual software on which the action is taken. For example, it could be an LDAP directory that stores all of an organization’s user accounts, or it could be an IT ticketing system that is used to log IT requests (such as obtaining a laptop for a new employee).

In brief, the architecture is essentially a client (RA), a server (PSP), and resources (PSTs) that SPML manages. In addition, a server can act as a client to another server and so on.

See more detailed technological information about SPML, click here for a good introduction by Manish Verma (mverma@secf.com).

See informatioin from OASIS, click here.

technorati tags: , , ,