Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] OpenSAML 1 to 2 transition

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] OpenSAML 1 to 2 transition


Chronological Thread 
  • From: "Alexander Müller" <>
  • To: <>
  • Subject: Re: [OpenSAML] OpenSAML 1 to 2 transition
  • Date: Wed, 08 Jul 2009 12:30:51 +0200

>>> On 07.07.2009 at 18:49, in message
>>> <>,
>>> Chad La Joie
<>
wrote:
> The problem is that SAML 2 authentication is quite complex. You have to
> deal with plain old authentication, forced authentication, passive
> authentication, authentication contexts and declarations, and various
> other things. Trust me, even if you have to spend the next 6 months
> learning Spring and XML you'll still be further ahead writing a Shib plugin.

Our requirements are far below from that (the SP wouldnt be involved in the
authentication decision) and more similar to SAML 1. What I basically thought
was to port the current code (logic) over to SAML 2 with OpenSAML 2.

Approaching it from another perspective, with those requirements (the SP only
receiving user credentials from the IdP), which would be still matched by
SAML 1, might SAML 1 still be the right choice or would it be nonetheless
recommended to go with SAML 2 (newer version, newer specification, .....)?

Thanks again,
Alexander




Archive powered by MHonArc 2.6.16.

Top of Page