I’ve added OAuth support in a module in SimpleSAMLphp and made a proof of concept demo on how to perform authentication initiated from a command line client.

Read more: 

https://rnd.feide.no/content/federated-command-line-client-authenticatio...

The background

Read more

Hi,

I am working on SAML assertion. I have a private key abc.pem. I want to read this file and sign the assertion. The code I found on the internet is what I have written. I might be wrong, but somehow I think this code is for generation private key from a public key, which is what I don't want. I already have a private key, alias and its password. I just want to read it from file and sign the assertion. You help would be greatly appreciated.

Thanks,
Vijay

 

Read more

I've started some work on SAML 2.0 usability from a service provider's point of view. The more complex architectures you make with SAML 2.0, often the usability suffers. In particular series of "Where are you from" interfaces, and service provider not already know about an existing SSO sessions are the two main problems I try to solve.

Read more

Hi there  
 I'm trying to calculate the Digest value of a SAML Authentication
STatement whith the SHA-1 algorithm. Let us suppose that we are dealing
with a string representing the following node:

<saml:AuthenticationStatement>
    <saml:Subject>
        <saml:NameIdentifier>JLUKE</saml:NameIdentifier>
    </saml:Subject>
</saml:AuthenticationStatement>

When I try to calculate SHA-1 with the function  b64_sha1(str2Digest)  what

Read more

The SSTC's "call for profiling intentions" netted some good information. We've collected it on our working wiki and will keep that CfPI2008 page updated - in fact, we've already seen several of the promised draft documents, so things are hopping in the TC.

If you know of other third-party work that will benefit from SSTC review, or are an SSTC member and plan to submit a profile or extension for consideration, please let me know.