OpenSAML user discussion

[Chad La Joie <>]

Hey Rajesh,
  SAML 1.X (and thus OpenSAML 1.1) is really stateless, in the sense 
that there is no defined concept of a session (the transport protocol 
used is also stateless).  So, you're not going to find what you're 
looking for in the OpenSAML code base, even in 2.0.
  Instead, as Tom suggested, you probably want to look at Shibboleth 
(http://shibboleth.internet2.edu) which is an implementation of the SAML 
IdP and SP concepts for use with web based applications.  A number of 
schools have deployed Shibboleth as an SSO so it does have the ability 
to be used as such.  Shibboleth 2.0 will, in my opinion, be the first 
release of Shibboleth that really brings standard SSO features (such as 
session timeouts) to the table.  So, if you can wait 6-9 months Shib 2 
might be a good solution for you.
  Please let me know if you have any questions.  Thanks.


 wrote:
> Hi,
> We are planning to work on a opensaml 1.1 implementation for SSO, 
> implementing the browser artifact profile.
>
> I was wondering as to how does SAML handle (if at all it handles) Session 
> timeout at the IdP, while the user is working at SP.
>
> Any pointers in this regard would be highly appreciated.
>
> Thanks and Regards,
> Rajesh Narayan

--
Chad La Joie             2052-C Harris Bldg
OIS-Middleware           202.687.0124