Did you read through the CAS documentation? It's extensive (which means it's extensible and includes all manner of clients so your work won't be a "one man' show" or "unsupportable hack" [which is why we are all hanging off the open source wagon in the first place]).
This might bring compatibility issues into clear focus: https://wiki.jasig.org/display/CASC/AuthCAS If you don't use CAS, you might look at the code they used in this piece. After all, we don't go into a little room and pull code out of our armpits, do we? It's cut, splice, modify for our purposes and debug; is it not? On Sat, Dec 29, 2012 at 9:39 AM, Kevin Brown <[email protected]>wrote: > I need it to work with the environment that the company already has in > existence. Everything they use is Apache 1 with mod_perl. > >> Hi Kevin, >> >> Why recreate the wheel? >> >> CAS >> <%20https://wiki.jasig.org/**display/CASUM<https://wiki.jasig.org/display/CASUM> >> > >> >> If you determine you really don't need CAS, perhaps this discussion of >> CAS >> <%20https://wiki.jasig.org/**display/CASUM<https://wiki.jasig.org/display/CASUM>> >> implementation and SAML+1.1 ticket validation: https://wiki.jasig.org/** >> display/CASUM/SAML+1.1 <https://wiki.jasig.org/display/CASUM/SAML+1.1>might >> help? >> >> >> >> >> >> >> On Fri, Dec 28, 2012 at 2:48 PM, Kevin Brown <[email protected]<mailto: >> kevinbrownbdc@gmail.**com <[email protected]>>> wrote: >> >> So, new job... I've been tasked with implementing SSO using SAML >> 1.1. The client provided a document that gives an example of the >> Response object that will be forwarded into our site when a user >> goes to login. I'm trying to figure out how to validate the XML >> that I'm given so that I don't blindly trust that the document >> hasn't been modified in some way or just faked. >> I have the keys (DigestValue and SignatureValue), but when I try >> to do a sha1 of the xml (minus all the parts in the >> <Signature></Signature> section, the hash doesn't match. >> Does anyone have any experience with this that they might be able >> to point me in the right direction? >> >> ------------------------------**--------------------- >> PLUG-discuss mailing list - >> [email protected].**org<[email protected]> >> >> <mailto:PLUG-discuss@lists.**phxlinux.org<[email protected]> >> > >> >> To subscribe, unsubscribe, or to change your mail settings: >> >> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss> >> >> >> >> >> -- >> >> (503) 754-4452 Android >> (623) 239-3392 Skype >> (623) 688-3392 Google Voice >> ** >> it-clowns.com <http://it-clowns.com> >> Chief Clown >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> ------------------------------**--------------------- >> PLUG-discuss mailing list - >> [email protected].**org<[email protected]> >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss> >> > > ------------------------------**--------------------- > PLUG-discuss mailing list - > [email protected].**org<[email protected]> > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss> > -- (503) 754-4452 Android (623) 239-3392 Skype (623) 688-3392 Google Voice ** it-clowns.com Chief Clown
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.phxlinux.org/mailman/listinfo/plug-discuss
