also this
http://www.slideshare.net/briandavidcampbell/hope-or-hype-a-look-at-the-next-generation-of-identity-standards
On Fri, Feb 7, 2014 at 12:17 PM, andrew mcelroy wrote:
> if you loved SOAP, you'll love SAML.
>
> some pitfalls with SAML
> http://www.youtube.com/watch?v=9Iw3xLj9040
>
> On br
if you loved SOAP, you'll love SAML.
some pitfalls with SAML
http://www.youtube.com/watch?v=9Iw3xLj9040
On breaking SAML
http://www.nds.rub.de/research/publications/BreakingSAML/
Granted this has been fixed. It's an overly complex mess. I would be
shocked if this "fixes" the standard.
To be f
Andrew,
Can you expand on the SAML is Bad vibe you are sending out? We have a
group who is pushing SAML in general and Shibboleth specifically. We are
not far down the path yet so it would be good to know the issues around it.
Thanks!
Andy
On Fri, Feb 7, 2014 at 10:48 AM, andrew mcelroy wr
sorry that I'm late to this thread, but if you can use Active
Directory/LDAP, OAuth, or even OpenID you will be much better off.
to butcher a Simpsons quote: " You don't make friends with SAML. You
don't make friends with SAML 10X (fade out) "
On Fri, Feb 7, 2014 at 9:44 AM, Jamie Faris wrote:
>
Here we use CAS [1] for Single Sign On among a few Java web apps. It
uses SAML and should be able to work with non-Java apps as well, we
just haven't tried yet. It has worked pretty well for us.
In our experience Single Sign Out is a much harder problem than Single Sign In.
Jamie
[1] http://ww
On Fri, Feb 7, 2014 at 12:56 AM, Paul Boniol wrote:
> There was a push at Vanderbilt to have "single sign on" -- I am guessing
> they meant for web apps. I don't know what they are using to do it. (I
> still have to enter my password at least three times at present: Windows,
> VPN, and web app
Hello,
When I was working at BMC, I worked on the Mid-tier second level Help Desk.
We would get a lot of calls from military clients who wanted to setup SSO.
BMC has a SSO product, but some companies decided to use LDAP to
authenticate instead and I had to assist in setting this up.
On the BMC co
There was a push at Vanderbilt to have "single sign on" -- I am guessing
they meant for web apps. I don't know what they are using to do it. (I
still have to enter my password at least three times at present: Windows,
VPN, and web application.)
Perhaps I don't know some secret, but the result s
Anybody got links on references to SAML? We'd like an overview and some
thoughts. Comments and war stories appreciated. There has been much
clamor in the user community for Single Sign On and much wringing of
hands and gnashing of teeth in the development and operations
communities trying to