I would do a Java SAML 2 API if CAS would drive the requirements. And, we could do only what's necessary for CAS4 for now. A thought. This way too CAS could be involved in the production of a viable SAML Java API. And, I'm looking for something to take to the JCP.
Any votes? David On 10/29/08, Eric Pierce <[EMAIL PROTECTED]> wrote: > Scott Cantor was at the JA-SIG UnConference and said that there might be an > "official" Java SP in the future, but no time soon. Since there are Java > SPs that work (There's one here: > http://www.softwareborsen.dk/projekter/softwarecenter/brugerstyring/oio-saml-java), > the Shib community wants to find people that need something that isn't > provided by the existing Java SPs to warrant the development effort. > > There are SAML 2 libraries for a couple of languages in addition to the > OpenSAML C++ & Java libs: > PHP -- http://rnd.feide.no/simplesamlphp > Ruby -- > https://opensso.dev.java.net/source/browse/opensso/extensions/saml2ruby/source/README?view=markup > C/PERL/Java -- http://zxid.org/ > > ZXID actually looks like a really promising project for this - from their > main page: > > ZXID project has currently (April 2008) six outputs > libzxid -- A C library for supporting SAML 2.0, including federated Single > Sign-On (SSO) > zxid -- A C program that implements a SAML Service Provider (SP) as a CGI > script > Net::SAML -- A Perl module wrapping libzxid. Also zxid.pl, that implements > SP in mod_perl environment, is supplied. > php_zxid -- A PHP extension that wraps libzxid. Also supplied: zxid.php that > implements SP in mod_php environment. > libzxidjni.so -- A Java JNI extension that wraps libzxid. Also supplied: > zxid.java that implements SP as a CGI script. zxidhlo.java demonstrates use > under servlet engine, e.g. Tomcat. > mod_auth_saml -- An Apache httpd auth module that does SAML SSO. > > > Eric Pierce, RHCE -- University of South Florida -- (813) 974-8868 -- > [EMAIL PROTECTED] > > > On Wed, Oct 29, 2008 at 10:55 AM, Marvin S. Addison <[EMAIL PROTECTED]> wrote: > > > > > We can also look at the Shibboleth SP, which should be SAML compliant > and > > > thus compatible with future CAS versions. I'm not familiar with it > though. > > > Have you looked at it at all? > > > > We recently pushed our Shib IDP installation into production and have > > a working test SP up and running. I'm not clear at all how CAS would > > integrate with the SP to relieve some of the integration concerns with > > SAML message processing. What are you thinking here? Maybe we could > > evaluate the feasibility of integration if we had some idea of how it > > _might_ work. > > > > I will add that at present the Shib SP is implemented as an Apache > > module, which would dramatically limit integration options with CAS. > > There is a Java SP on the roadmap, but it's my understanding that > > development has not yet started and it's uncertain when it will even > > begin. If any Shib folks on the list want to qualify or correct that > > statement, please speak up. > > > > Marvin > > _______________________________________________ > > cas-dev mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas-dev > > > _______________________________________________ > cas-dev mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas-dev > > _______________________________________________ cas-dev mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas-dev
