Shibboleth Developers

[Chad La Joie <>]

On Jul 18, 2006, at 8:59 AM, RL 'Bob' Morgan wrote:

> > - People are more likely to attempt to use the Java SP code for  
> > non-web applications (web services, grids, client/server, etc.)  
> > applications than the C++ code.  Thus, as much functionality as  
> > makes sense should be moved into a set of core code that is  
> > divorced from things like the J2EE servlet code.
>
> Hmm, what is a SAML SP other than an implementation of the SAML web  
> browser signon profiles?

An implementation of the other profiles?

> What functionality would be provided to support non-web  
> applications?  WS-Sec SAML token profile?  Seems like support for  
> use of SAML in non-web scenarios would be in opensaml, or in code  
> specific to those scenarios.

This isn't defined yet, as the email said.  A project I'm working on  
happens to use WS-Security with the ECP profile, others I'm sure will  
use other things.  My assertion was that people were more likely to  
try to do that stuff with this code base than the C++ one.

> As long as I'm thinking about it, is WS-Fed support going to be in  
> the 2.0 Java SP?

At this moment I'm not planning on anything other than SAML support.   
I can't imagine why we'd support WS-Fed when the author of the "spec"  
isn't going to.