OpenSAML user discussion

[Jonathan Tellier <>]

Hey,

I've had to put my work on the ECP SP/client on hold for a while, but
now I'm back working on it and I've got a question.

Unless I've missed something, I could not seen any way to create,
marshal and unmarshal PAOS elements, namely the paos:Request and
paos:Response. From what I could understand by looking at code and
docs, the delegated-saml-authentication client manipulates those
elements by using classes from the org.w3c.dom packages. As for the
SWITCH client, I might be wrong but it does not seem to create the
paos:Response xml element. From my understanding, it sends the correct
message, but without that header. As for the paos:Request, since it's
simply stripped from the message, there's no need for fancy
manipulation code.

So, since my SP needs to create and manipulate those PAOS elements, I
was thinking that maybe the opensaml library could benefit of the
enhancement I'll have to code anyway. What I'm thinking about is to
create an org.open.saml2.paos and an org.open.saml2.paos package,
modelled after the org.open.saml2.ecp and org.open.saml2.ecp.impl
packages. In fact, my code would look a lot like what is already
present for ECP, but instead of handling ecp:Request/Response, it
would handle paos:Request/Response.

Does all of this make sense?

I guess that creating a Jira issue and including my patch (once it's
done) would be the best way to go, but I wanted to have advices from
people who know opensaml better than I do first before blindly coding
away.

Thanks,
Jonathan


On Mon, Oct 18, 2010 at 8:54 AM, Jonathan Tellier
<>
 wrote:
> Thanks for the client libraries suggestions. I'll be taking a closer
> look at those shortly.
>
>> It's probably semi-relevant that I just submitted a new proposal for a
>> version 2.0 ECP profile:
>
> The HoK part will actually be quite relevant and useful to me actually...
>
> Jonathan
>