Apologies for the blank message, going to introduce this phone to a hammer.

Sent from my Verizon Wireless 4G LTE DROID


Tom Jones <tjones136@cox.net> wrote:


Sent from my Verizon Wireless 4G LTE DROID


Lisa Kachold <lisakachold@obnosis.com> wrote:

Did you read through the CAS documentation?

It's extensive (which means it's extensible and includes all manner of clients so your work won't be a "one man' show" or "unsupportable hack" [which is why we are all hanging off the open source wagon in the first place]).

This might bring compatibility issues into clear focus:  https://wiki.jasig.org/display/CASC/AuthCAS

If you don't use CAS, you might look at the code they used in this piece.  

After all, we don't go into a little room and pull code out of our armpits, do we?  It's cut, splice, modify for our purposes and debug; is it not?




On Sat, Dec 29, 2012 at 9:39 AM, Kevin Brown <kevinbrownbdc@gmail.com> wrote:
 I need it to work with the environment that the company already has in existence. Everything they use is Apache 1 with mod_perl.
Hi Kevin,

Why recreate the wheel?

CAS <%20https://wiki.jasig.org/display/CASUM>

If you determine you really don't need CAS, perhaps this discussion of CAS <%20https://wiki.jasig.org/display/CASUM> implementation and SAML+1.1 ticket validation: https://wiki.jasig.org/display/CASUM/SAML+1.1 might help?






On Fri, Dec 28, 2012 at 2:48 PM, Kevin Brown <kevinbrownbdc@gmail.com <mailto:kevinbrownbdc@gmail.com>> wrote:

    So, new job... I've been tasked with implementing SSO using SAML
    1.1. The client provided a document that gives an example of the
    Response object that will be forwarded into our site when a user
    goes to login. I'm trying to figure out how to validate the XML
    that I'm given so that I don't blindly trust that the document
    hasn't been modified in some way or just faked.
    I have the keys (DigestValue and SignatureValue), but when I try
    to do a sha1 of the xml (minus all the parts in the
    <Signature></Signature> section, the hash doesn't match.
    Does anyone have any experience with this that they might be able
    to point me in the right direction?

    ---------------------------------------------------
    PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
    <mailto:PLUG-discuss@lists.phxlinux.org>

    To subscribe, unsubscribe, or to change your mail settings:
    http://lists.phxlinux.org/mailman/listinfo/plug-discuss




--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com <http://it-clowns.com>
Chief Clown















---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss



--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown