OpenSAML user discussion

[Arnout Engelen <>]

 wrote:
> I'm working on a access control framework and I'd like to use the SAML 
> 2.0 profile of XACML v2.0 
> (http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-profile-spec-os.pdf) 
> but I'm unaware of any implementation of this profile.
>
> Does anyone knows if there is any implementation of this profile 
> (better if its open source)?
>
> In case there isn't any implementation, how should I proceed to 
> implement it myself using OpenSAML as a basis? I'm reading the wiki 
> documents but didn't understand yet how a profile is implemented. 
Basically, the 'profile' document simply describes how to use SAML and 
XACML together.

As Scott mentioned, the 'implementation' of a profile is not a very 
well-defined thing. Perhaps the best route to take would be to take a 
SAML library (e.g. OpenSAML 2) and a XACML library (e.g. SunXACML), and 
simply start using them as described in the profile document. In the 
process, you'll probably want to write some generic functionality that 
depends on both OpenSAML and SunXACML, or converts data structures 
between the two. Indeed it would be quite useful to put those in a 
separate project, and share that project ;).


Arnout