I agree in general, but devil is in details. If I have usual time constrained project, and have to ship something in, say, two months; then I have to develop anything that works, not the best solution. I have looked to some of these projects, though currently integration with these requires too much learning project internalities to be achievable in short-term project. I'd like to help build something, that could be deployable by putting some jar file and writing settings in xwiki.cfg, but I'm not experienced enough and have no time to go in long and deep custom development.
Valdis > Just a comment.. (I'm a list watcher 99.9% of the time) > > XWIKI will work just fine with SAML products that engage at the > container level.. You just use a HTTP auth type authenticator which > there are a few out there in the contributions area. > > My advice would be to NOT write to the SAML protocol where this gets > really intricate.. but to just let the known to work SAML products do > their thing. Pulling the SAML bits into XWIKI does not buy you anything > intricate to the product and just adds much more room for error on the > authenticator. > > People wanting to implement their own SAML stack inside 'web appX' > is a topic that always comes up on some of the lists I'm on and the > SAML people always say there is really no reason to do this.. o > > IMO leave the SAML bits to saml products** and use a http authenticator > that you like. > > ** Just to name a few: > - http://simplesamlphp.org/ , > - http://shibboleth.net/ , > - https://github.com/guanxi/guanxi-sp-guard , > > > ------ > thanks > kevin.foote > > On Fri, 29 Mar 2013, Valdis Vītoliņš wrote: > > > Nicolas, > > If you'd be able to rebuild this module that it at least compiles and > > does something, I'd also be interested in trying it and contributing to > > its development. > > > > Valdis > >> Hi Nicolas, > >> > >> If I remember correctly I wrote this authenticator and I think it requires > >> some code in XWiki pages to manage the redirects but I don't think I have > >> this code anymore. > >> Plus it was for one custom SAML server and has not been tested with > >> multiple ones. > >> > >> In any case it's a good basis for starting a SAML authenticator. > >> If you are coding against a more widespread SAML server, do contribute your > >> code :) > >> You can takeover the module fully as no backwards compatibility is needed. > >> > >> Ludovic > > ... > > > > _______________________________________________ > > users mailing list > > users@xwiki.org > > http://lists.xwiki.org/mailman/listinfo/users > > > _______________________________________________ users mailing list > users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
