On 07/03/2017 11:56, Sergey Beryozkin wrote:
Hi Francesco
Not sure if it can be relevant for this work but at the CXF level we
have this SAML SP support:
http://cxf.apache.org/docs/saml-web-sso.html,
something Colm and myself worked upon earlier on.
Thanks for the pointer, Sergey: I did already find it, though.
This does not completely fit in our scenario since here the idea is to
split the responsibilities in two: from one side the front-end
web-fragment takes care of the SAML exchange, from the other side the
Syncope core (e.g. the CXF application) works as back-end for the
effective SAML assertion validation and generation.
I'll look at the provided page and related implementation, anyway, thank
you very much indeed.
FYI, this class
https://github.com/apache/wss4j/blob/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/OpenSAMLUtil.java
has been already extremely useful to me, since OpenSAML 3 documentation
is practically absent.
Regards.
On 07/03/17 10:49, Francesco Chicchiriccò wrote:
Hi all,
I have made a proposal at [1] and opened SYNCOPE-1041 for the purpose.
I am already working on it, and it should be ready on time for Syncope
2.0.3.
The idea is to embed the whole implementation in a PR, with option of
further discussing before merge.
Also, I would like to include, in the 2.0.3 release notes, a public
"thank you" statement to the University of Helsinki similar to the one
we made for 1.1.0 [2].
WDYT?
Regards.
[1]
https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+SAML+2.0+Service+Provider+feature
[2]
https://cwiki.apache.org/confluence/display/SYNCOPE/Ad+libitum#Adlibitum-1.1.0(April5th,2013)
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/