samuel gets saml2 metadata

Wed, Aug 3, 2005

Well, I’m completely out of cakes now. That took a wee while, well, two days reading and two days coding but enough to empty the cake trolley. What SAMUEL now has is a set of object bindings for SAML2 Metadata. I’m going to use these in the Guanxi Service Provider to authenticate and manage Guards from the Engine. There wasn’t a suitable type in the SAML2 metadata so I created a new extension schema for a GuanxiGuardDescriptor which will allow the Engine to identity, authenticate and communicate with it’s Guards.

The core elements I’m implemented at the moment are:

EntityDescriptor, RoleDescriptor, KeyDescriptor, ContactPerson, and Organization.

The objects being created along the way via SAX parsing a SAML2 metadata file. Planning for each guard to have it’s own metadata file, rather than have a huge one with everything under one EntitiesDescriptor. So there’ll be a parse fest when the Engine starts up. Best to have all the heavyweight SAML work done on startup rather than on the fly parsing when a Guard initiates a session.

It’s all in cvs under samuel:/src/org/guanxi/samuel/saml/metadata

Must order some more cakes…

comments powered by Disqus