Hi All, I have skim through the SAML 2.0 specification. It seems that SAML 2.0 specification is similar to the SAML 1.1 specification. So we can reuse the code in SAML 1.1 for building the SAML 2.0.
A SAML implementation usually consists of 2 parts. 1. Facilitate the user to create and process SAML tokens by providing a API - Service and client level. 2. Process and integrate SAML tokens in the SOAP security header - Rampart level Since SAML 2.0 is similar to SAML 1.1 we can achieve the 1st target quickly. It seems that SAML 2.0 assertions support advanced encryption and signature features. i.e it allows encryption of individual XML elements in an Assertion. These will probably require the introduction of new features to the OMXML library of Rampart/C like XPath support. But these features may not require at the beginning and we can introduce them gradually. Considering all these things, fully achieving the 2nd part will take some time. Regards, Supun.. On Fri, Apr 11, 2008 at 10:19 AM, Samisa Abeysinghe < [EMAIL PROTECTED]> wrote: > Kasun Indrasiri wrote: > > > Hi, > > > > > > > > > Hi, > > > AFAIK it'll take at least a month to make the current SAML > > > implementation > > > support SAML 2.0. But it will depend on the differences between SAML > > > 1.1 > > > and > > > SAML 2.0, because SAML 2.0 has some major changes with respect to SAML > > > 1.1. > > > > > > Thanks > > > Milinda > > > > > > Yes I will depends on the difference between SAML 1.1 and SAML 2. We > > > may > > > > > > > > some times needed to implement SAML 2.0 as an indepedent module from > > SAML > > 1.1 due to the drastic differences btn SAML 1.1 and its counterpart. > > > > > > OK, that is interesting. So if it is a separate module, would a single > deployment of Rampart be able to handle both versions at once? Also, does a > separate module for SAML 2.0 means that there would not be any reuse of > current SAML 1.1 impl? Is there any way of refactoring what we have done > already to accommodate both at once and reuse some stuff? > > Thanks, > Samisa... > > Thanks > > Kasun. > > > > > > > > > -- > Samisa Abeysinghe > > http://people.apache.org/~samisa/ <http://people.apache.org/%7Esamisa/> > >
