OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [saml-dev] What are folks using for STS?


Hi there Candido

 

Thank you very much for this info and the links.

 

We know of Metro of course, but your implementation sounds interesting.

 

We have SAML assertions both ways

 

Yes, it would be great if we could get a copy of it. We would probably need to modify it (like for example we don't have X.509 inbound) but it might save duplicative development time.

 

Thanks again

 

Cheers

Colin

 

 

From: Candido Rodriguez Montes [mailto:kan@cica.es]
Sent: Monday, 30 August 2010 8:32 p.m.
To: Colin Wallis
Cc: 'saml-dev@lists.oasis-open.org'
Subject: Re: [saml-dev] What are folks using for STS?

 

Hi Colin,

 

On Aug 30, 2010, at 2:14 AM, Colin Wallis wrote:



Greetings all

 

As we move forward into the broader identity federation space we are looking to leverage the features of a typical Security Token Service.

 

We have been looking around at what commercial and open source products are around (as a few of you on this list will know.:-)) with a view to go forward with one or two.  We are a SAML shop so SAML tokens are being passed.  The government agencies here are running the whole gamut of environments (.NET, PHP etc) that the product would have to support.

 

What are you using in the STS space?

 

In my company, PRiSE [1], we've developed a full open-based STS solution for the regional government of Andalusia (south of Spain). We didn't use a software in particular as the functionality of a STS is quite general: receive a security token and then issue a new one, probably in another format. In our case the STS should receive a X.509 digital certificate or a valid SAML assertion and then issue a new signed SAML assertion as security token. 

So, using the Metro [2] java library we developed a STS in a short time: more or less 1 month. Also, we've developed some nice client Java and PHP libraries in order to make things easier for their developers.

That government hasn't published the software in their website yet but I know that it is free software, so if you're interested in, I can ask them to give you a copy of it.

 

Regards

 



 

Cheers

Colin

 

Colin Wallis

Authentication Standards Manager, Government Technology Services

Department of Internal Affairs

New Zealand Government

PO Box 10-526, Wellington 6143

New Zealand

t: +64 4 463 1337

m: +64 27 244 7135

Alternative email: colin_wallis@hotmail.com

 

 

====
CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.
====

 

====
CAUTION:  This email message and any attachments contain information that may be confidential and may be LEGALLY PRIVILEGED. If you are not the intended recipient, any use, disclosure or copying of this message or attachments is strictly prohibited. If you have received this email message in error please notify us immediately and erase all copies of the message and attachments. Thank you.
====


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]