OpenSAML user discussion

["Scott Cantor" <>]

> I would like to use SAML 2.0 for an SSO project. In what state is OpenSAML
> 2.0? I know you are waiting for the Shibboleth release, but is the library
> already functional?

If you mean the Java one, it's not functional at the moment, no. Until the
rest of the security changes are done, it won't build. I don't really advise
people to go grabbing older revs, but if you had code that was using it and
need to keep working, that's an option.

The C++ code is functional, yes. It may change, but it builds and supports
more or less most of what I intended.

> I've played around with the TP2 Jar release
> (http://shibboleth.internet2.edu/downloads/opensaml2/java/tp2/), what I
> noticed is that the authentication contexts are missing, in trunk too.

You shouldn't be using detailed contexts at runtime, they don't work well
for that kind of purpose. Runtime support is in terms of context class refs
and decl refs, because that's what products will deal with. Full contexts
are better left to posting documents at the declaration reference URL. They
can be parsed, but that was never how anybody expected to use them.

> Are there any other factors that limit the usability of the library at the
> moment? In particular are Signature and Encryption operations fully
> supported?

It doesn't even build right now.

-- Scott