SAML 1.1 help

Tom Jones tjones136 at cox.net
Sat Dec 29 16:07:47 MST 2012


Apologies for the blank message, going to introduce this phone to a hammer.

Sent from my Verizon Wireless 4G LTE DROID

Tom Jones <tjones136 at cox.net> wrote:

>
>
>Sent from my Verizon Wireless 4G LTE DROID
>
>Lisa Kachold <lisakachold at obnosis.com> wrote:
>
>>Did you read through the CAS documentation?
>>
>>It's extensive (which means it's extensible and includes all manner of
>>clients so your work won't be a "one man' show" or "unsupportable hack"
>>[which is why we are all hanging off the open source wagon in the first
>>place]).
>>
>>This might bring compatibility issues into clear focus:
>>https://wiki.jasig.org/display/CASC/AuthCAS
>>
>>If you don't use CAS, you might look at the code they used in this piece.
>>
>>After all, we don't go into a little room and pull code out of our armpits,
>>do we?  It's cut, splice, modify for our purposes and debug; is it not?
>>
>>
>>
>>
>>On Sat, Dec 29, 2012 at 9:39 AM, Kevin Brown <kevinbrownbdc at gmail.com>wrote:
>>
>>>  I need it to work with the environment that the company already has in
>>> existence. Everything they use is Apache 1 with mod_perl.
>>>
>>>> Hi Kevin,
>>>>
>>>> Why recreate the wheel?
>>>>
>>>> CAS <%20https://wiki.jasig.org/**display/CASUM<https://wiki.jasig.org/display/CASUM>
>>>> >
>>>>
>>>> If you determine you really don't need CAS, perhaps this discussion of
>>>> CAS <%20https://wiki.jasig.org/**display/CASUM<https://wiki.jasig.org/display/CASUM>>
>>>> implementation and SAML+1.1 ticket validation: https://wiki.jasig.org/**
>>>> display/CASUM/SAML+1.1 <https://wiki.jasig.org/display/CASUM/SAML+1.1>might help?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Fri, Dec 28, 2012 at 2:48 PM, Kevin Brown <kevinbrownbdc at gmail.com<mailto:
>>>> kevinbrownbdc at gmail.**com <kevinbrownbdc at gmail.com>>> wrote:
>>>>
>>>>     So, new job... I've been tasked with implementing SSO using SAML
>>>>     1.1. The client provided a document that gives an example of the
>>>>     Response object that will be forwarded into our site when a user
>>>>     goes to login. I'm trying to figure out how to validate the XML
>>>>     that I'm given so that I don't blindly trust that the document
>>>>     hasn't been modified in some way or just faked.
>>>>     I have the keys (DigestValue and SignatureValue), but when I try
>>>>     to do a sha1 of the xml (minus all the parts in the
>>>>     <Signature></Signature> section, the hash doesn't match.
>>>>     Does anyone have any experience with this that they might be able
>>>>     to point me in the right direction?
>>>>
>>>>     ------------------------------**---------------------
>>>>     PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.**org<PLUG-discuss at lists.phxlinux.org>
>>>>     <mailto:PLUG-discuss at lists.**phxlinux.org<PLUG-discuss at lists.phxlinux.org>
>>>> >
>>>>
>>>>     To subscribe, unsubscribe, or to change your mail settings:
>>>>     http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> (503) 754-4452 Android
>>>> (623) 239-3392 Skype
>>>> (623) 688-3392 Google Voice
>>>> **
>>>> it-clowns.com <http://it-clowns.com>
>>>> Chief Clown
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ------------------------------**---------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.**org<PLUG-discuss at lists.phxlinux.org>
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
>>>>
>>>
>>> ------------------------------**---------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.**org<PLUG-discuss at lists.phxlinux.org>
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss<http://lists.phxlinux.org/mailman/listinfo/plug-discuss>
>>>
>>
>>
>>
>>-- 
>>
>>(503) 754-4452 Android
>>(623) 239-3392 Skype
>>(623) 688-3392 Google Voice
>>**
>>it-clowns.com
>>Chief Clown
>>
>>---------------------------------------------------
>>PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>To subscribe, unsubscribe, or to change your mail settings:
>>http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>To subscribe, unsubscribe, or to change your mail settings:
>http://lists.phxlinux.org/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20121229/81318beb/attachment.html>


More information about the PLUG-discuss mailing list