I finally gave in to the challenge and started Java modeling the SAML core. I'm not a big fan of the SOAP bindings but ... maybe that's more formal and widely accepted.
I agree with you and really like the REST principles. A REST call can be the first request to the service provider and then the SAML stuff is then transparent to the user. I'm going to create the API I wanted to create in 2004. I'm not sure if I can be operational in time for the CAS Java client and CAS4, but I'm going to try. David On Thu, Oct 30, 2008 at 5:06 PM, Scott Battaglia <[EMAIL PROTECTED]> wrote: > REST and SAML are two very different beasts. > > SAML is a Security Assertion Markup Language whereas REST is essentially a > model for creating an API to utilize your system based on resources. Our > RESTful API could return SAML. It could return text. It could return ASCII > art (which actually would be kind of cool). > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Thu, Oct 30, 2008 at 5:00 PM, Dale Ogilvie <[EMAIL PROTECTED]> > wrote: >> >> REST is handy for non-browser applications that want to use the >> centralized authentication system. >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of David Whitehurst >> Sent: Friday, 31 October 2008 1:35 a.m. >> To: Mailing list for CAS developers >> Subject: Re: [cas-dev] REST and SAML >> <snip> >> I'm confused now. Why would CAS support REST (very simple) and SAML? >> <snip> >> _______________________________________________ >> cas-dev mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas-dev > > > _______________________________________________ > cas-dev mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas-dev > > _______________________________________________ cas-dev mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas-dev
