mace-opensaml-users - RE: Form Post Example
Subject: OpenSAML user discussion
List archive
- From: "Peter Gambino" <>
- To: <>
- Subject: RE: Form Post Example
- Date: Thu, 20 Dec 2007 23:35:53 -0500
- Organization: Delaero, Inc.
Thanks Paul... This looks very Helpful. I think this answers my questions!
-----Original Message-----
From: Paul Hethmon
[mailto:]
Sent: Thursday, December 20, 2007 4:09 PM
To:
;
Subject: RE: Form Post Example
Ok. Sorry I should validate links before I email them:
http://code.crt.realtors.org/projects/websso
Paul
-----Original Message-----
From: Paul Hethmon
[mailto:]
Sent: Thursday, December 20, 2007 4:05 PM
To:
;
Subject: RE: Form Post Example
Peter,
Take a look at our implementation available here:
http://code.crt.realtors.org/projects/web-sso
We've taken the OpenSAML libraries and built a reference implementation.
The base OpenSAML Java codes needs to be updated, it's a snapshot from
October currently, but it will show you the basics that you need.
Paul
-----Original Message-----
From: Peter Gambino
[mailto:]
Sent: Thursday, December 20, 2007 4:08 PM
To: 'Scott Cantor';
Subject: RE: Form Post Example
Sorry... The language is Java. As for Validation, our normal policy (at
least using the artificat method) is to validate a username passed in
along
with the Before and After attributes. I'm good with figuring this out
myself, I guess my struggle is in getting started with Un-encrypting the
Payload using a 509 I provided to the other system and then parsing the
form
post data.
Normally would I decode the Payload manually and then feed the XML data
from
the form parameter into Open SAML? Or is there a nice wrapped method
somewhere where I can just give it an HTTP Request?
Pete
-----Original Message-----
From: Scott Cantor
[mailto:]
Sent: Thursday, December 20, 2007 3:41 PM
To:
;
Subject: RE: Form Post Example
> I have a feeling it's SAML 2.0 which is why I can't figure it out with
the
> current library. I saw the test script in your 2.0 lib. Basically
the
SAML
> provider is sending me an SAMLResponse parameter in an HTTP Form Post.
As
a
> consumer application, I need to to consume the information HTTP
request
and
> validate it and allow entry to our application.
Well, the word "validate" there encompasses a lot of stuff. There is no
single place where it happens. The parser (and the basic XML classes),
message decoder classes, security policy rules, trust engines, and the
SSO
profile validator all work together to "implement" the process you're
describing.
You still haven't said which language this is either, so anything else I
could tell you is moot unless you're using C++.
-- Scott
- Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Scott Cantor, 12/20/2007
- RE: Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Scott Cantor, 12/20/2007
- RE: Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Paul Hethmon, 12/20/2007
- RE: Form Post Example, Paul Hethmon, 12/20/2007
- RE: Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Paul Hethmon, 12/20/2007
- RE: Form Post Example, Paul Hethmon, 12/20/2007
- RE: Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Scott Cantor, 12/20/2007
- RE: Form Post Example, Peter Gambino, 12/20/2007
- RE: Form Post Example, Scott Cantor, 12/20/2007
Archive powered by MHonArc 2.6.16.