[OpenSAML] Need favour to start working with SAML


murali...@yahoo.co.in

Oct 15, 2009, 5:14:08 PM
to mace-open...@internet2.edu
Hi ,

As part of my work assignments, I have come across a requirement where I should use SAML to consume the SAML assertions sent by the IDP (identity provider).

My project scenario is:
The end user logs into the application (IDP) successfully and clicks on a link (Service Providers). When the user clicks on the SP link, the IDP would send the SAML assertion in the String format.

As a Service Provider, my application should retrieve the SAML String and process (i.e., validate and verify the signature) it. If the signature and assertions are ok, then the user would be redirected to the actual requested page.

I am new to SAML and confused about where to start to achieve this.
Can someone please guide me on how to start with SAML in the above scenario? Any help clarifying the following would be appreciated.

1. Is there any function available for retrieving and processing the SAML string in SAML API?
2. How can I use the API to validate and verify the SAML signature?
3. Any explanation with sample code fragments would be highly appreciated.

Many Thanks,
Regards,
Amul

Chad La Joie

Oct 16, 2009, 1:55:18 AM
to mace-open...@internet2.edu
What you describe is a SAML SP and there are already many
implementations of such a thing: Shibboleth (in C++)[1], OIO[2],
OpenSSO[3], and ESOE[4] (all in Java). At this point, unless you have
unique requirements, and nothing you said here indicates that you do,
you should use one of the existing ones.

[1] http://shibboleth.internet2.edu
[2] http://www.softwareborsen.dk/projekter/softwarecenter/brugerstyring/oio-saml-java
[3] https://opensso.dev.java.net/
[4] http://esoeproject.org/

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad....@switch.ch, http://www.switch.ch
