Comments for codeBrane Blog

Comment on pi@pi : getting a headless Raspberry Pi on the wifi network by James

James — Thu, 21 Feb 2013 19:09:11 +0000

Thanks a lot this solved a lot of problems.. I have spend a whole week trying to do what you showed me in seconds. really grateful

Comment on Releasing the LDAP mail attribute from the Shibboleth IdP by Releasing the LDAP mail attribute from the Shibboleth IdP | JANUA - Open Source Identity Management | Scoop.it

Fri, 08 Feb 2013 14:43:58 +0000

[...] [...]

Comment on Vodafone Sure Signal with Linksys WAG54GS router by REBOOTING AN OLD NETGEAR ROUTER REMOTELY | COPIERNETEYE.COM

REBOOTING AN OLD NETGEAR ROUTER REMOTELY | COPIERNETEYE.COM — Thu, 03 Jan 2013 03:00:28 +0000

[...] Vodafone Sure Signal with Linksys WAG54GS router
[...]

Comment on Solving “the connection is already closed” error in Apache NMS by Alistair

Alistair — Thu, 19 Jul 2012 09:49:17 +0000

Are you using the same clientID that a producer is using? That’s what generates that error. I saw it again last week and it was caused by the same condition, a consumer connecting with the same clientID as a producer.

Comment on Solving “the connection is already closed” error in Apache NMS by Margo

Margo — Thu, 19 Jul 2012 09:28:32 +0000

I’m trying to set up a consumer – keep getting ‘the connection is already closed’ any ideas ?

Comment on Guanxi Guard release by Erwin

Erwin — Fri, 18 Nov 2011 13:46:22 +0000

Thank you very much for both tutorial and patience.
I wish you luck in future work.

Comment on Guanxi Guard release by Alistair

Alistair — Fri, 18 Nov 2011 13:14:55 +0000

I've updated the localhost tutorial Erwin: Localhost tutorial and you can now download a preconfigured localhost installation. There's a link to it from the end of the tutorial. I'm not concentrating on Shibboleth any more as SAML2 is the important part now.

Comment on Guanxi Guard release by Erwin

Erwin — Fri, 18 Nov 2011 11:03:34 +0000

I need to extract Assertion from Response id order to send it to external Authorisation Service, so it needs to be signed by IdP. If It’s not implemented I will probably have to do it by myself later.

I was able to receive SAML response only on older version of your codes
guanxi-idp-2.2.0
guanxi-wayf-1.2.8
guanxi-sp-engine-2.2.0
guanxi-sp-guard-2.2.0

Unfortunately I couldn’t cope with the latest versions (problems described in previous posts). So I will really appreciate if you update your tutorial.

Comment on Guanxi Guard release by Alistair

Alistair — Fri, 18 Nov 2011 09:24:33 +0000

Hi Erwin,
I don’t really see a need to sign the Assertion as it comes from the IdP and the IdP doesn’t bring in Assertions from other IdPs, so the Assertion is covered by the top level Response signature.
You can indeed encrypt the Assertion in the Response but only for SAML2:
WEB-INF/guanxi_idp/config/spring/services/saml2/web-browser-sso-service.xml
set “encryptAttributes” to “true”
It will only encrypt the attributes if it has the Service Provider’s public key though. This is the encryption key in the SP’s metadata which the IdP has.

Comment on Guanxi Guard release by Erwin

Erwin — Fri, 18 Nov 2011 09:16:22 +0000

Hi Alistair it’s me again.
I’ve got two more questions coresponding guanxi. In the end of comunication IdP send SAML Response and a SAML Assertion in it. In this implementation the Response is digitaly signed while Assertion isn’t. Have you foreseen a posibility of signing both Response and Assertion in it or even move signature from Response into the Assertion by only changing configuration files?

And a second one, is there a posibility to encrypt the SAML Assertion inside SAML Response? Have you foreseen such an option?