-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Being unfamiliar with SAML at the development tier ATM, I am only aware of the opensaml C++ libs. Is anyone aware of the library availability for the set of languages/platforms being targeted here?
I have to admit -- looking at mod_auth_cas, currently a simple Apache module of 1 .c file, performing very basic SSL socket handling and minimal XML parsing, and growing to include SAML, PKI, SOAP/REST, etc, is rather daunting, from a spec-reading and dev-time perspective. Of course, Phil,the real C ninja, has done 99% of the m-a-c coding, so he may already have this all done ... ;-) Scott Battaglia wrote: > From my notes, we're looking at the follows: > > 1. Single Log Out > 2. Web SSO Profile > 3. Assertion Query/Request > 4. Attribute > 5. ECP > 5. Proxying (not yet established) > > I'd prefer to use RESTful APIs vs. SOAP APIs if possible, and as stated > before would like to look for some method sharing keys that doesn't > require explicit key exchanges and updates on servers. Any thoughts on > that would be appreciated. > > Thanks > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Mon, Oct 20, 2008 at 8:17 AM, Scott Battaglia > <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: > > Matt, > > There's a few profiles that we're looking at. Eric Pierce and I > spent some time at the UnConference looking this stuff over. The > notes are on my notebook so when I turn it on later, I'll send the > notes out to the list. > > I want to be very careful about making sure that CAS is still as > easy to deploy as before, despite using SAML so I'll be looking for > feedback from the CAS client developers on the profiles. I'm also > interested in creating RESTful bind points instead of using SOAP, > and relying on temporary key exchanges if possible instead of > sharing public keys between the IdP and SPs if possible (or some > other appropriate method). Any thoughts on that would be > appreciated ;-) > > Off to start up my notebook... > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Fri, Oct 17, 2008 at 5:19 PM, Matt Smith <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Scott- > Are you looking for CAS clients to support SAML multi-profile > support (Artifact, POST, SLO?) for a coordinated roll-out? > -Matt > > On Fri, Oct 17, 2008 at 2:01 PM, Scott Battaglia > <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > > CAS Client Developers (I'm looking at you phpCAS, > mod_auth_cas, etc.), > > > > If you recently attended the UnConference you're familiar with > the fact that > > CAS4 will be supporting a few SAML profiles (more details on > that later) in > > addition to the CAS1 and CAS2 protocols. I've been charged by > the steering > > committee to construct the finalized CAS4 roadmap based on the > existing > > vision and roadmap. I'd like to coordinate with the major > (and possibly > > all) CAS client developers to make sure that the CAS clients > are ready for > > when CAS4 comes out for those who want to take advantage of > the new SAML > > features. > > > > We're currently targeting a Spring '09 release of CAS4. > Please let me know > > how that correlates to the develop roadmaps for the various > CAS clients. > > > > Thanks! > > -Scott > > > > -Scott Battaglia > > PGP Public Key Id: 0x383733AA > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > _______________________________________________ > > cas-dev mailing list > > [email protected] <mailto:[email protected]> > > http://tp.its.yale.edu/mailman/listinfo/cas-dev > > > > > > > > -- > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > Key ID:D6EEC5B5 > _______________________________________________ > cas-dev mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas-dev > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > cas-dev mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas-dev - -- Matthew J. Smith University of Connecticut ITS [EMAIL PROTECTED] PGP KeyID: 0xE9C5244E -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI/OTzGP63pOnFJE4RAm4pAJ9V9JIxl9Y3VYmWtd9Z5LumCzzq4gCdFmmO QfgcwM6eImGelft+ZivJHik= =0dT8 -----END PGP SIGNATURE----- _______________________________________________ cas-dev mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas-dev
