-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/6/09 5:02 AM, Jonathan Dickinson wrote: > Has anyone thought about how SAML [Security Assertion Markup Language] > would work in terms of SASL <http://en.wikipedia.org/wiki/Saml> and > XMPP? This is especially interesting regarding the whole OpenID/SSO > discussion a while back; SAML isn’t bound to HTTP or any other client > for that matter (don’t get the wrong idea from the abundance of HTTP > documentation – it will work in any transport).
You want to use SAML to authenticate with the server, or to provide authorization for accessing certain resources (e.g., a chatroom) after you have authenticated? IMHO SAML is more focused on authorization than authentication: http://mail.jabber.org/pipermail/standards/2004-July/005804.html Yes, it would be possible to define a SASL mechanism for SAML, but that's outside the scope of XMPP (it's something that people would define in the SASL WG, I think). Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkpSSh0ACgkQNL8k5A2w/vxwegCg5NQQrRRZDDHGyN7//Yx2oSJK bjEAn3NQLwlJAcscqrSJwL+6NtCpJ76+ =0j67 -----END PGP SIGNATURE----- _______________________________________________ JDev mailing list Forum: http://www.jabberforum.org/forumdisplay.php?f=20 Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: jdev-unsubscr...@jabber.org _______________________________________________
