cmrockwell commented on a change in pull request #51: SAML2 Service Provider Pull Request URL: https://github.com/apache/sling-whiteboard/pull/51#discussion_r405745042
########## File path: saml-handler/README.md ########## @@ -0,0 +1,33 @@ +# Apache Sling SAML2 Handler (NOT FOR PRODUCTION) + +This project is intended to be a contribution to the [Apache Sling](https://sling.apache.org) project; + it has a SAML2 Service Provider Authentication Handler and the associated SAML2 servlets and utilities. +It is a work in progress and not production ready! + +SP_POST_Request;_IdP_POST_Response +https://en.wikipedia.org/wiki/SAML_2.0#SP_POST_Request;_IdP_POST_Response + +![](SAML2-browser-post.png) + +## This bundle +- Will allow Sling applications to authenticate users against Identity Providers (idp) +such as Shibboleth using SAML2 protocols. +- Will sync of user management based on the SAML2 Assertion and OSGi bundle configs + - Sync attributes from the IDP to the User as specified in the bundle OSGi configs + - Create the user upon successful IDP authentication + - Sync user membership of groups as defined in the OSGi configs +- Packages + - `idp` is a test fixture based on the OpenSAML V3 eBook. It will be useful for minimizing + setup for testing purposes. Set to disabled for production. + - `sp` is the package for service provider classes, servlets and the + Sling authentication handler + - `Helpers` static utilities for help using the opensaml library + + +This code is Derivative Works from [webprofile-ref-project-v3](https://bitbucket.org/srasmusson/webprofile-ref-project-v3) Review comment: I added a notice file. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services