mace-opensaml-users - Re: is there an implementation of FilesystemCredentialResolver ?
Subject: OpenSAML user discussion
List archive
- From: Brent Putman <>
- To:
- Subject: Re: is there an implementation of FilesystemCredentialResolver ?
- Date: Fri, 08 Feb 2008 16:31:12 -0500
Hello Xavier,
Yes, you are correct, it fell through the cracks and is unfortunately not implemented. It probably won't be for 2.0, as we are in release candidate stage and the feature set is pretty much frozen at this point (unless we decide to make an exception for this, since it's more of a plug-in). I think we will still implement though, eventually, it's not terribly complex.
I would ask and suggest though: Whose credentials were you looking at needing to manage with this resolver? If the relying parties' keys (for any of signature verification; TLS authentication; and encrypting to them) then you might want to look instead at the java-opensaml2 MetadataCredentialResolver, based on SAML 2 metadata. That's a more standard way of doing this in SAML.
If it's just for your own local credential(s) for signing (and client TLS and/or possibly decrypting ), that's usually a bit easier to handle with your own app code, since it's a small number of keys (often in reality 1) and you know implicitly who owns them (you're usually not really "resolving" anything ). Note we also have a KeystoreCredResolver, which just wraps a standard Java keystore, which could be used for that purpose easily.
--Brent
Xavier Drudis Ferran wrote:
Hello.
I'm completely new to SAML and openSAML, but it looks as I needed something very close to org.opensaml.xml.security.credential.FilesystemCredentialResolver
So I set up to use it but it won't work.
Looking at the class I'd say it's still unimplemented. But on the other hand I read in the archive openSAML 2.0 is about to be released.
Am I looking at the wrong source and it is already done ? Is it obsolete or has it been decided not to do it ? Is someone already working on this ?
If it's not done then I'll have to do something similar to (part of) it. But I'm so new to this library that I doubt I do it in the proper way (beyond what works for me).
- is there an implementation of FilesystemCredentialResolver ?, Xavier Drudis Ferran, 02/08/2008
- Re: is there an implementation of FilesystemCredentialResolver ?, Xavier Drudis Ferran, 02/08/2008
- Re: is there an implementation of FilesystemCredentialResolver ?, Brent Putman, 02/08/2008
- Re: is there an implementation of FilesystemCredentialResolver ?, Xavier Drudis Ferran, 02/11/2008
- RE: is there an implementation of FilesystemCredentialResolver ?, Scott Cantor, 02/11/2008
- Re: is there an implementation of FilesystemCredentialResolver ?, Xavier Drudis Ferran, 02/11/2008
- <Possible follow-up(s)>
- Re: is there an implementation of FilesystemCredentialResolver ?, Xavier Drudis Ferran, 02/11/2008
- RE: is there an implementation of FilesystemCredentialResolver ?, Scott Cantor, 02/11/2008
Archive powered by MHonArc 2.6.16.