OpenSAML user discussion

["Scott Cantor" <>]

> I have to implement the Single sign on use case (Web browser 
> SSO profile). I have chosen to implement the SP initiated: 
> POST->POST binding as a mechanism of achieving this [Refer: 
> sstc-saml-tech-overview-2.0-draft-01.pdf, section 4.1.2].

My library doesn't support SAML 2.0 yet and won't for quite some time.

> I have the following queries:
>              
> 1. How do I create a SANL AuthRequest to embed in the HTML 
> form (step 3)? I have created a name idenifier and a SAML 
> subject as follows, but don't know how to proceed beyond 
> that. Do I created an instance of the SAMLRequest class. If 
> so how do I associate it with the subject? 

There is no such message in SAML 1.1, therefore it's not in the library yet.
Also, it's not common to include a Subject in an AuthnRequest, that's a
specialized feature.

> 2. Once an AuthRequest hidden variable is embedded in the 
> HTML form and the form is received by the SSO service at the 
> IdP, how will the SSO service parse and extract the required 
> information. Cold you provide few lines of sample code.

You could look at the SAMLPOSTProfile::accept() method to see something
similar. All of that code will be more generic and not profile specific in a
SAML 2.0 version.

-- Scott