AssertionConsumerService
Advanced Configuration
Note, this is an advanced configuration feature. Most deployments can rely on the <SSO> shorthand element.
The <md:AssertionConsumerService> element is used to configure handlers that are responsible for consuming SAML assertions; that is, they process an assertion according to a profile, extract its contents, create a new user session, and typically produce a cookie to represent the session.
An ACS does most of the work of SSO for the SP and is the "receiving" half of the SSO message exchange started by a SessionInitiator. As a multi-protocol system, the SP itself is oblivious to specific SSO protocols; each ACS provides the implementation of a particular protocol. The "assertion" terminology is SAML-specific but is an abstraction at this level.
Protocols
ACS implementations exist for these protocols. Precisely which ACS is defined the the Binding attribute.