samuel gets saml2 metadata
Wed, Aug 3, 2005
Well, I’m completely out of cakes now. That took a wee while, well, two days reading and two days coding but enough to empty the cake trolley. What SAMUEL now has is a set of object bindings for SAML2 Metadata. I’m going to use these in the Guanxi Service Provider to authenticate and manage Guards from the Engine. There wasn’t a suitable type in the SAML2 metadata so I created a new extension schema for a GuanxiGuardDescriptor which will allow the Engine to identify, authenticate and communicate with its Guards.
The core elements I’ve implemented at the moment are:
EntityDescriptor, RoleDescriptor, KeyDescriptor, ContactPerson, and Organization.
The objects are being created along the way via SAX parsing a SAML2 metadata file. Planning for each guard to have its own metadata file, rather than have a huge one with everything under one EntitiesDescriptor. So there’ll be a parse fest when the Engine starts up. Best to have all the heavyweight SAML work done on startup rather than on the fly parsing when a Guard initiates a session.
It’s all in cvs under samuel:/src/org/guanxi/samuel/saml/metadata
Must order some more cakes…
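The startup SAX pass described above, as an added sketch that is not SAMUEL's own code: a namespace-aware handler pulls the entityID and each KeyDescriptor certificate out of one metadata file, with DOCTYPE declarations refused so that a tampered file cannot trigger external entity resolution or entity expansion. The class name, the sample entityID and the certificate text are constructed placeholders, and the sample leaves out the xsi:type an extension role descriptor would carry.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.Attributes;
import org.xml.sax.helpers.DefaultHandler;

// Hypothetical demo class, not part of SAMUEL.
public class MetadataSaxDemo extends DefaultHandler {
    static final String MD = "urn:oasis:names:tc:SAML:2.0:metadata";
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";
    // Constructed sample: entityID and certificate text are placeholders.
    static final String SAMPLE =
        "<EntityDescriptor xmlns='" + MD + "' entityID='urn:example:guard-1'>"
      + "<RoleDescriptor protocolSupportEnumeration='urn:oasis:names:tc:SAML:2.0:protocol'>"
      + "<KeyDescriptor use='signing'><KeyInfo xmlns='" + DS + "'><X509Data>"
      + "<X509Certificate>PLACEHOLDER-BASE64</X509Certificate>"
      + "</X509Data></KeyInfo></KeyDescriptor></RoleDescriptor></EntityDescriptor>";

    String entityID;
    final List<String> keys = new ArrayList<>();   // "use:certificate" pairs
    private String keyUse;
    private StringBuilder text;                    // non-null only inside X509Certificate

    @Override public void startElement(String ns, String local, String q, Attributes a) {
        if (MD.equals(ns) && local.equals("EntityDescriptor")) entityID = a.getValue("entityID");
        else if (MD.equals(ns) && local.equals("KeyDescriptor")) keyUse = a.getValue("use");
        else if (DS.equals(ns) && local.equals("X509Certificate")) text = new StringBuilder();
    }
    @Override public void characters(char[] ch, int start, int len) {
        if (text != null) text.append(ch, start, len);  // text may arrive in several chunks
    }
    @Override public void endElement(String ns, String local, String q) {
        if (DS.equals(ns) && local.equals("X509Certificate")) {
            keys.add(keyUse + ":" + text.toString().trim());
            text = null;
        }
    }
    public static void main(String[] args) throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setNamespaceAware(true);  // match on namespace URI, not on prefix
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Metadata needs no DTD; rejecting DOCTYPE blocks XXE and entity expansion.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        MetadataSaxDemo h = new MetadataSaxDemo();
        f.newSAXParser().parse(new ByteArrayInputStream(SAMPLE.getBytes(StandardCharsets.UTF_8)), h);
        System.out.println(h.entityID + " " + h.keys);
    }
}
```

Parsing the metadata does not by itself make it trustworthy: the certificates collected here are only as good as the integrity of the file they came from.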