mace-opensaml-users - RE: Open SAML 1.0 interop experience with Access Manager products
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: "'Farrukh Najmi'" <>, <>
- Subject: RE: Open SAML 1.0 interop experience with Access Manager products
- Date: Wed, 13 Oct 2004 10:32:31 -0400
- Organization: The Ohio State University
> I am new to opensaml and SAML 1.1. Does anyone have experience with
> interoperability with SAML Authorities provided in various Access
> Manager products such as:
>
> -Sun Java Enterprise System Access Manager
> -IBM Tivoli Access Manager
OpenSAML isn't a complete product, it's a toolkit. It's not directly
comparable to those products. It "interops" in the sense that it creates
valid SAML, can sign and verify, etc.
Shibboleth is the more analagous set of components. We believe but haven't
tested that it is compatible with those products using the POST profile and
that if they support or supply an attribute query or authority
implementation, there should be some interop. There are some additional
constraints in place on Shibboleth components to foster real interop,
similar to some of the additional profiling in the Liberty ID-FF work, but
with less outright extension.
We are working on adding artifact profile support and have done some
successful early prototyping against some commercial implementations.
-- Scott
- Open SAML 1.0 interop experience with Access Manager products, Farrukh Najmi, 10/13/2004
- RE: Open SAML 1.0 interop experience with Access Manager products, Scott Cantor, 10/13/2004
Archive powered by MHonArc 2.6.16.