OpenSAML user discussion

["Scott Cantor" <>]

Chris Pratt wrote on 2009-03-18:
> We currently have a large web application that we would like to add MD-SSO
> support to.  We'd like to allow our external partners to grant secure
access
> to our site for users on their sites or intranets.  For reference, we are
> running on a Spring/Struts 2/Tiles framework.  How would I get started in
> developing something like this using OpenSAML.

I'd strongly urge you to use an existing SP, whether it's in Java or not.
Your time isn't best spent reimplementing, and tying applications to SAML
isn't a good design any more than tying them to anything else is. Web
applications should rely on web servers for identity, not themselves.

> I've tried to look for
> tutorials, examples or documentation, but I can't find anything even
> remotely close to a "How to write a Service Provider" document.  Does
> something like that exist?

OpenSAML is a by-product of implementing Shibboleth and despite their best
intentions, the new contributors ended up in much the same place I did many
years ago...a lot of code and very little time to provide documentation.
 
If you really want to do this, there are implementations you could copy that
are listed on the OpenSAML wiki front door, some complete SPs and some
probably more like prototypes.

-- Scott