[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [higgins-dev] Question about higgins SAML interoperability
|
As I recall the SAML implementation in higgins was targeted to work with Google.
It would need significant work to come up to SimpleSAMLphp, or Shibboleth 2.
Shib 2 has some information card and openID support but is looking for people to maintain that.
Especially if you require Kerberos Shib 2 is probably your best bet.
John B. On 2010-08-12, at 3:54 AM, Stefano Gargiulo wrote:
- does it support SAML
federation metadata in xml?
i just read this:
Configure
the SAML2 RPThe
saml2idp.test web application project contains the
following files in the WebContent/conf folder:
...omississ...
- idp/cacert.pem:
This is the matching certificate (including a public
key) for the private key of the IdP. It is used to
verify XML Signatures in SAML 2.0 messages received
from the IdP. The file is expected to have a X509
structure and be in PEM (ascii) format.
So i suppose that higgins SP can trust just one IdP, and discovery
service protocol is not supported i'm right?
And the IdP:
rp/*.pem:
Every file ending in ".pem" in the rp/ subdirectory is
considered to be a matching certificate (including a
public key) for the private key of an RP, from which
requests should be accepted. It is used to verify XML
Signatures in SAML 2.0 messages received from RPs. The
file is expected to have a X509 structure and be in
PEM (ascii) format.
but where i can put the endpoints of all the services? or is it
supposed to interoperate just with Higgins RP?
Pratically my question is: can i interoperate higgins idp and sp
with a federation metadata like this:
https://www.idem.garr.it/docs/conf/idem-test-metadata.xml
?
Best regards,
Stefano.
Hi all,
I'm sorry: i don't know if i can ask things like this in
this mailing list but i didn't found any higgins-users ML.
First of all congraturations: I discovered this awesome
project today! I come from Shibboleth, simpleSAMLphp, and
OpenSSO (but now I'm implementing a new SSO federation, so i
just looked around for news)
I like very much the innovative idea behind Higgins, so
i want to try it, but i've to be care because in the future
my new SSO federation will need to interoperate with a
bigger one that's strongly based on Shibboleth (IDEM, the
italian educational federation) so before starting i've two
questions, one concerning the IdP and one for the Java RP:
1) Can the SAML2 IdP fully interoperate with
Shibboleth and SimpleSAMLphp SP? (we call SP, Service
Provider, what you call RP)?
Does it support federation metadata in xml format?
Does it support attribute query profile?
Single Logout Request?
Attribute Aggregation (can it be an
AtrributeAuthority?) etc?
Or simply please tell me any know lack into the SAML
IdP implementation...
2) Does the Java RP includes an interoperable SAML
implementation? (i can't understand this in the official
website)
Best regards,
Stefano.
_______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/higgins-dev
|
Attachment:
smime.p7s
Description: S/MIME cryptographic signature