As I recall the SAML implementation in higgins was targeted to work with Google.
It would need significant work to come up to SimpleSAMLphp, or Shibboleth 2. Shib 2 has some information card and openID support but is looking for people to maintain that. Especially if you require Kerberos Shib 2 is probably your best bet. John B. On 2010-08-12, at 3:54 AM, Stefano Gargiulo wrote: >> - does it support SAML federation metadata in xml? > > i just read this: > >> Configure the SAML2 RP >> The saml2idp.test web application project contains the following files in >> the WebContent/conf folder: >> ...omississ... >> idp/cacert.pem: This is the matching certificate (including a public key) >> for the private key of the IdP. It is used to verify XML Signatures in SAML >> 2.0 messages received from the IdP. The file is expected to have a X509 >> structure and be in PEM (ascii) format. > > So i suppose that higgins SP can trust just one IdP, and discovery service > protocol is not supported i'm right? > > And the IdP: > >> rp/*.pem: Every file ending in ".pem" in the rp/ subdirectory is considered >> to be a matching certificate (including a public key) for the private key of >> an RP, from which requests should be accepted. It is used to verify XML >> Signatures in SAML 2.0 messages received from RPs. The file is expected to >> have a X509 structure and be in PEM (ascii) format. > > > but where i can put the endpoints of all the services? or is it supposed to > interoperate just with Higgins RP? > > > Pratically my question is: can i interoperate higgins idp and sp with a > federation metadata like this: > > https://www.idem.garr.it/docs/conf/idem-test-metadata.xml > > ? > > Best regards, > Stefano. > > >> >> Hi all, >> >> I'm sorry: i don't know if i can ask things like this in this mailing list >> but i didn't found any higgins-users ML. >> >> First of all congraturations: I discovered this awesome project today! I >> come from Shibboleth, simpleSAMLphp, and OpenSSO (but now I'm implementing a >> new SSO federation, so i just looked around for news) >> >> I like very much the innovative idea behind Higgins, so i want to try it, >> but i've to be care because in the future my new SSO federation will need to >> interoperate with a bigger one that's strongly based on Shibboleth (IDEM, >> the italian educational federation) so before starting i've two questions, >> one concerning the IdP and one for the Java RP: >> >> 1) Can the SAML2 IdP fully interoperate with Shibboleth and SimpleSAMLphp >> SP? (we call SP, Service Provider, what you call RP)? >> Does it support federation metadata in xml format? >> Does it support attribute query profile? >> Single Logout Request? >> Attribute Aggregation (can it be an AtrributeAuthority?) etc? >> >> Or simply please tell me any know lack into the SAML IdP implementation... >> >> >> 2) Does the Java RP includes an interoperable SAML implementation? (i can't >> understand this in the official website) >> >> >> >> Best regards, >> Stefano. >> >> >> >> > _______________________________________________ > higgins-dev mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/higgins-dev
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ higgins-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/higgins-dev
