Re: SAML 1.1 help

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list
Subject: Re: SAML 1.1 help
Hi Kevin,

Why recreate the wheel?

CAS <https://wiki.jasig.org/display/CASUM>

If you determine you really don't need CAS, perhaps this discussion of
CAS<https://wiki.jasig.org/display/CASUM> implementation
and SAML+1.1 ticket validation:
https://wiki.jasig.org/display/CASUM/SAML+1.1 might help?





On Fri, Dec 28, 2012 at 2:48 PM, Kevin Brown <>wrote:

> So, new job... I've been tasked with implementing SSO using SAML 1.1. The
> client provided a document that gives an example of the Response object
> that will be forwarded into our site when a user goes to login. I'm trying
> to figure out how to validate the XML that I'm given so that I don't
> blindly trust that the document hasn't been modified in some way or just
> faked.
> I have the keys (DigestValue and SignatureValue), but when I try to do a
> sha1 of the xml (minus all the parts in the <Signature></Signature>
> section, the hash doesn't match.
> Does anyone have any experience with this that they might be able to point
> me in the right direction?
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>




--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss