[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [higgins-dev] encrypted assertions with higgins saml2 util library
|
2009/6/10 Markus Sabadello <markus.sabadello@xxxxxxxxx>:
> Hello Torgeir,
>
> The Higgins SAML2 utility library (org.eclipse.higgins.util.saml) was
> written primarily to support the SAML2 IdP
> (http://wiki.eclipse.org/SAML2_IdP). It is by no means a complete SAML2
> implementation, and it should NOT be used for the following:
> - Issuing tokens for a card (use the STS component instead)
> - Decrypting/Verifying/Parsing tokens from a card (use the RP enablement
> component instead)
> - Generic SAML / SAML2 stuff (use a library such as OpenSAML instead)
Yet the simplicity of the library is what makes it so compelling. It
works nicely with the saml2api's login servlet (although it uses a
slightly older version of the utility library) to provide a very
simple to use library when all one needs to do is to delegate
authentication to an IdP for some SP.
I don't think it will be to hard to implement what i need. I basically
need to initialise a key with my private certificate from the
environment, add a getEncryptedAssertion method that provides an
EncryptedAssertion class, providing a decrypt() method. My assumption
is then that the decrypted content is simply an xml fragment that
needs to be parsed to be used similar to the normal unencrypted
assertion.
--
-Tor
