OpenSAML user discussion

["Chandra, Sekhar(IE10)" <>]

How can I unsubscribe to this list ??



Regards 
Chandra Sekhar
Honeywell Technology Solutions Lab [HTSL] 
Work: +91 80 26588360, ext 3152
Web: <http://web.ssl.honeywell.com/digitalworks/support/index.jsp> 



-----Original Message-----
From: Richard Gundersen 
[mailto:]
Sent: Saturday, May 01, 2004 2:21 PM
To: 

Subject: SAML, JAAS, GSS-API etc


Hi

I'm designing a single signon architecture for a project I'm working on, and

have *almost* settled on Kerberos as the authentication mechanism, GSS-API 
for client/server authentication and communication, and JAAS to create a 
custom policy for managing roles and permissions etc.

I think if these are used correctly this should provide a solid base for my 
solution.

However, now I have come accross SAML, which from what I have read, could 
perhaps take the place of the JAAS and GSS-API components.

My question is this: is SAML something that could be used instead of, or to 
complement these technologies? If anybody has experience of how SAML has 
been used with JAAS, GSS-API etc etc in a production environment I'd be 
really interested to hear. My gut feeling is GSS/JAAS might be a bit more 
flexible and robust since they are fairly mature & well understood now, but 
I am very open minded and interested to hear what SAML can offer.

Thanks!

Richard

_________________________________________________________________
Express yourself with cool emoticons - download MSN Messenger today! 
http://www.msn.co.uk/messenger