Skip to Content.
Sympa Menu

mace-opensaml-users - RE: new release

Subject: OpenSAML user discussion

List archive

RE: new release


Chronological Thread 
  • From: "Nick Laqua" <>
  • To: "Scott Cantor" <>, <>
  • Subject: RE: new release
  • Date: Mon, 3 Mar 2003 17:20:31 +0100

That makes sense, I have seen the artifact support within SAMLRequest. One
could argue that the artifact creation process could also be part of a SAML
toolkit, but that's probably in the eye of the beholder.

thx for your responses, looks like a very nice toolkit, I guess we will use
it.

Nick

-----Original Message-----
From: Scott Cantor
[mailto:]
Sent: Monday, March 03, 2003 5:00 PM
To: Nick Laqua;

Subject: RE: new release


> Thx a lot for your fast response, any plan/idea about the
> Artifact-Profile for SSO ?

I don't know for sure what else there is for me to do. I added support for
query by artifact. Everything else about the artifact
thing seems out of scope. You have to maintain the artifact mapping,
authenticate the requester, enforce one time use policy, etc.
but all that stuff seems like it's part of a SAML authority implementation.

The SAML SOAP binding is implemented generically and should support the
request model though.

I could see there being some supporting code to help, perhaps, but no, I
don't have any specific plans. I would be happy to
integrate code if somebody thinks they have something useful to contribute.

> Am I correct that you fully depend on Apache XML Security
> because there is no standardized XML Dsig/Enc API by SUN
> (like JAXP for XML Processing) ?

You mean in the Java? I don't expose any of the XML Security API any more.
All of the code is confined to one or two classes right
now, and I didn't implement any kind of a provider interface for the reason
you describe and because it's a lot of work for
something as complex as dsig, but it's a simple matter to reimplement a
couple of classes to use a different library, I think.

I depend on that library because it's the only open source library with a
compatible license, so I didn't have much choice.

-- Scott

---------------------------------------------------mace-opensaml-users-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at

http://archives.internet2.edu/

---------------------------------------------------mace-opensaml-users--




Archive powered by MHonArc 2.6.16.

Top of Page