Thats great!. Since most of the SAML users now upgrading to the SAML 2.0,
having SAML 2.0 support with Rampart/C will be a great deal. Add to that why
not implement the SAML 2.0 platform in a whole rather than SAML Assertion
(token) support.As I got to know, SAML 2.0 has some powerful features
compared to the previous versions.
On 5/12/08, Supun Kamburugamuva <[EMAIL PROTECTED]> wrote:
>
> Hi List,
>
> At the moment Rampart/C has an implementation of SAML 1.1 specification.
> This implementation facilitates creation and processing of SAML 1.1
> Assertions. SAML token profile 1.0 is also implemented into the Rampart/C.
> This token profile facilitate the sending and processing of SAML
> Assertions
> inside the security header. I think it is time to implement SAML 2.0.
>
> AFAIK SAML 2.0 doesn't has a token profile for Web Services. So the
> initial
> implementation will focus on creation and processing of SAML tokens and
> nothing will be asserted about how the SAML tokens are sent in the
> Security
> header. One option is to send them as custom tokens.
>
> SAML 2.0 implementation will focus on the SAML Assertions. This
> implementation will be a tree like structure (Object model) which can be
> used for easy processing of SAML Assertions. For example something like
> struct saml2_assertion_t will be at the top and all other structures
> representing the SAML constructs like statements, conditions will be
> fields
> in this saml2_assertion_t. Structures like saml2_statement_t will host
> other
> structures forming a tree like structure.
>
> Any comments are highly appreciated.
>
> Regards,
>
> Supun..
>
