OpenSAML user discussion

["Alexander Müller" <>]

>>> On 07.07.2009 at 18:49, in message 
>>> <>,
>>>  Chad La Joie
<>
 wrote:
> The problem is that SAML 2 authentication is quite complex.  You have to 
> deal with plain old authentication, forced authentication, passive 
> authentication, authentication contexts and declarations, and various 
> other things. Trust me, even if you have to spend the next 6 months 
> learning Spring and XML you'll still be further ahead writing a Shib plugin.

Our requirements are far below from that (the SP wouldnt be involved in the 
authentication decision) and more similar to SAML 1. What I basically thought 
was to port the current code (logic) over to SAML 2 with OpenSAML 2.

Approaching it from another perspective, with those requirements (the SP only 
receiving user credentials from the IdP), which would be still matched by 
SAML 1, might SAML 1 still be the right choice or would it be nonetheless 
recommended to go with SAML 2 (newer version, newer specification, .....)?

Thanks again,
Alexander