Skip to Content.
Sympa Menu

mace-opensaml-users - RE: Authorization Statements/Queries

Subject: OpenSAML user discussion

List archive

RE: Authorization Statements/Queries


Chronological Thread 
  • From: Scott Cantor <>
  • To: "'Helen (Nell) Rehn'" <>,
  • Subject: RE: Authorization Statements/Queries
  • Date: Fri, 04 Oct 2002 18:36:19 -0400
  • Importance: Normal
  • Organization: The Ohio State University

> In addition, I was wondering if any thought had been given to having
> OpenSAML use a real SOAP engine for its SOAP bindings (i.e. Apache
Axis),
> rather than doing all its own XML processing?

The use of SOAP in the SAML binding is unfortunate (it adds a zero value
layer of code and complexity, but then that's a pretty good one liner
for SOAP period). As it stands, the use is so minimal that my opinion
was the bloat of dealing with Axis, let alone figuring out how to use
it, wasn't worth it.

When I looked, I couldn't for the life of me figure out how to do
document literal SOAP, though I'm sure it's there. If somebody cares
enough to make the changes, and can demonstrate that it accomplishes
anything, that's fine with me.

Note that the SOAP binding is SOAP 1.1, by the way. Once 1.2 comes out,
then you're stuck hoping legacy SOAP libraries keep working, too.

Going forward, it doesn't seem to me that OpenSAML is ever going to be
the place where WS-Security code would land, so I don't see more SOAP
making its way in anyway. The containment relationship is the other way
around, and somebody might want to pull SAML into an Axis application,
which is fine.

-- Scott

---------------------------------------------------mace-opensaml-users-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at

http://archives.internet2.edu/

---------------------------------------------------mace-opensaml-users--




Archive powered by MHonArc 2.6.16.

Top of Page