|
What we wanted to be able to do is authenticate to IdAS using a SAML2 assertion. The application consuming IdAS will receive a serialized SAML2 assertion and open an IContext with it. Right now, we're using org.eclipse.higgins.saml2idp.saml2.SAMLAssertion. Actually, we have a thin wrapper over org.eclipse.higgins.saml2idp.saml2.SAMLAssertion. You can see it at org.eclipse.higgins.idas.common.AuthNSAML2AssertionMaterials. We wanted to make sure we (the CP) could get the serialized form of the SAML2 assertion back in the exact form that it came in. We hope SAMLAssertion.toString() will produce the correct form, but we weren't sure, so we built that little wrapper so we could preserve it.
Jim
>>> Michael McIntosh <mikemci@xxxxxxxxxx> 06/06/08 7:24 AM >>>
Jim,
There is a lot of code in all the deployments that should be shared - that
was the theme of a presentation I did at the last Provo F2F.
What functionality do you need?
Regards,
Mike
higgins-dev-bounces@xxxxxxxxxxx wrote on 06/06/2008 04:49:56 AM:
> [image removed]
>
> Re: [higgins-dev] Can we rename saml2idp.saml2?
>
> Jim Sermersheim
>
> to:
>
> Higgins (Trust Framework) Project developer discussions
>
> 06/06/2008 04:51 AM
>
> Sent by:
>
> higgins-dev-bounces@xxxxxxxxxxx
>
> Please respond to "Higgins \(Trust Framework\) Project developer
discussions"
>
> For what we need, it would be nice if we ended up with a set of
> SAML2 utilities that were (architecturally) consumable by any other
> component. Mike, Is there code in the STS libraries that should
> instead be exposed for a more general purpose?
>
> Jim
>
> >>> "Markus Sabadello" <msabadello@xxxxxxxxxxxxx> 06/06/08 12:40 AM >>>
> Sure, but as I understand the idea is to replace the functionality
> of that library with STS components.
>
> In fact, after a recent call with Mike I have started to work on my
> IdP to use the STS instead of that library.
>
> But yes, go ahead and rename it (or should I do that?)
>
> Markus
> On Fri, Jun 6, 2008 at 12:10 AM, Jim Sermersheim <jimse@xxxxxxxxxx>
wrote:
> Markus,
>
> Can we rename org.eclipse.higgins.saml2idp.saml2 to something like
> org.eclipse.higgins.util.saml2?
>
> We'd like to consume it in non-idp code and it seems to be purely a
> utility-type library.
>
> Jim
>
> _______________________________________________
> higgins-dev mailing list
> higgins-dev@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/higgins-dev
> _______________________________________________
> higgins-dev mailing list
> higgins-dev@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/higgins-dev
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
|
