Re: [higgins-dev] encrypted assertions with higgins saml2 util library

[Markus Sabadello <markus.sabadello@xxxxxxxxx>]

If you create such an EncryptedAssertion class or other extensions to that library, would you be interested in contributing them to Higgins? I think that if those extensions are generic enough (not limited to your particular use case), they could fit well into what we already have.

Markus

On Wed, Jun 10, 2009 at 3:38 AM, Torgeir Veimo <torgeir@xxxxxxxxxxxxxx> wrote:

2009/6/10 Markus Sabadello <markus.sabadello@xxxxxxxxx>:

> Hello Torgeir,
>
> The Higgins SAML2 utility library (org.eclipse.higgins.util.saml) was
> written primarily to support the SAML2 IdP
> (http://wiki.eclipse.org/SAML2_IdP). It is by no means a complete SAML2
> implementation, and it should NOT be used for the following:
> - Issuing tokens for a card (use the STS component instead)
> - Decrypting/Verifying/Parsing tokens from a card (use the RP enablement
> component instead)
> - Generic SAML / SAML2 stuff (use a library such as OpenSAML instead)

Yet the simplicity of the library is what makes it so compelling. It
works nicely with the saml2api's login servlet (although it uses a
slightly older version of the utility library) to provide a very
simple to use library when all one needs to do is to delegate
authentication to an IdP for some SP.

I don't think it will be to hard to implement what i need. I basically
need to initialise a key with my private certificate from the
environment, add a getEncryptedAssertion method that provides an
EncryptedAssertion class, providing a decrypt() method. My assumption
is then that the decrypted content is simply an xml fragment that
needs to be parsed to be used similar to the normal unencrypted
assertion.

--

-Tor
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev