I Done Left Los Windows…
Archive for the ‘Software’ Category
..lists eight (at this time) open source SAML implementations of one flavor or another. If you have one and it isn’t listed there as yet, create an account and edit the wiki page appropriately 😉
Andreas Åkre Solberg writes on his Feide blog..
simpleSAMLphp 0.3 is launched. Most interesting in this new release is the SAML 2.0 IdP functionality. The documentation is not covering everything in detail yet, but it should be sufficient to get something up running.
The simpleSAMLphp 0.3 package also features a Shibboleth 1.3-compatible SP written in PHP.
Various folks in what is becoming known as the “scripter” community, i.e. people who code in Perl/PHP/Python/Ruby scripting languages, have complained that SAML is “too hard” to implement, for essentially two reasons..
- Having to parse XML.
- Having to use XMLdsig — XML Digital Signature specification.
The first excuse is becoming more and more moot as tools and techniques proliferate and experience grows.
The second is, it appears, becoming more mitigated with the appearance of various packages that implement XMLdsig for the scripting world. Here’s pointers to a couple…
Rob Richard’s XMLseclibs for PHP
Now, I hear that some in the scripter community perhaps won’t like the XMLsig package because it is scripting languages wrapped around C wrapped around the xmlsec library (http://www.aleksey.com/xmlsec/), rather than a “native” scripting-language implementation, which is what Rob Richard’s apparently is. Well, time will tell, and in any case, it is good to see this base beginning to get covered.
[later addition; 27-Dec-2006]
John Kemp points out that he wrote up a brief HowTo paper on writing essentially a library similar to XMLsig-for-Dynamic-Langs, for PHP, back in April 2006. Since Aleksey Sanin has already done the work of implementing XMLdsig, it seems to me to make sense to take advantage of it. Here’s JohnK’s material…
PHP XML Signatures
XML Signatures in PHP