The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.
Blogs
vijaymittal
reading private key from a file(.pem) and sign SAML Assertion
Hi,
I am
working on SAML assertion. I have a private key abc.pem. I want to read
this file and sign the assertion. The code I found on the internet is
what I have written. I might be wrong, but somehow I think this code is
for generation private key from a public key, which is what I don't
want. I already have a private key, alias and its password. I just want
to read it from file and sign the assertion. You help would be greatly
appreciated.
Thanks,
Vijay
Feide RnD
SAML 2.0 Usability
I've started some work on SAML 2.0 usability from a service provider's point of view. The more complex architectures you make with SAML 2.0, often the usability suffers. In particular series of "Where are you from" interfaces, and service provider not already know about an existing SSO sessions are the two main problems I try to solve.
jluke
CALCULATING DIGEST OF AN AUTHENTICATION STATEMENT
I'm trying to calculate the Digest value of a SAML Authentication
STatement whith the SHA-1 algorithm. Let us suppose that we are dealing
with a string representing the following node:
<saml:AuthenticationStatement>
<saml:Subject>
<saml:NameIdentifier>JLUKE</saml:NameIdentifier>
</saml:Subject>
</saml:AuthenticationStatement>
When I try to calculate SHA-1 with the function b64_sha1(str2Digest) what
Pushing String blog: http://www.xmlgrrl.com/blog
Upcoming SSTC work items
The SSTC's "call for profiling intentions" netted some good information. We've collected it on our working wiki and will keep that CfPI2008 page updated - in fact, we've already seen several of the promised draft documents, so things are hopping in the TC.
If you know of other third-party work that will benefit from SSTC review, or are an SSTC member and plan to submit a profile or extension for consideration, please let me know.
Pushing String blog: http://www.xmlgrrl.com/blog
Call for Profiling Intentions
The SSTC is issuing a "call for profiling intentions" in order to organize its work for the next several months. If you are planning to submit a SAML profile, binding, or extension to the SSTC for its consideration sometime soon(ish), please drop me a note with a proposed title, short abstract/rationale, and the timeframe in which you plan to bring the draft to the SSTC.
Similarly, if you are working on a SAML profile or extension in your own venue and want to seek the SSTC's guidance, let us know that as well.
Search
SUBSCRIBE
RECENT CONTENT
- SAML Wiki Knowledgebase
9 years ago - SAML 2.0 with java Sample
10 years ago - Govt Computer News: 'The power of one password'
10 years ago
1 reply - OASIS approves SAML 2.0 Errata
10 years ago
1 reply - IBM Pushes Federated Identity Management
10 years ago
1 reply - VMware Unveils Horizon App Manager
10 years ago
1 reply
