Hi Markus,
Markus Lanthaler wrote:
> Hello,
> I'm a Google Summer of Code Student at XWiki (www.xwiki.org).
Congrats that is a competitive gig to get.
My task is to
> add integration with a higher level authentication/authorisation framework
> to support SAML and OpenID authentication. So I'm currently evaluating
> various frameworks. ESOE seems to be very interesting.
Thanks we like it :).
> So my questions are:
> - Does ESOE support OpenID 2.0 authentication (RP)
Yes.
> - Can ESOE act as a OpenID 2.0 identity provider (OP)
Not as yet but this would not be a hard endpoint to implement all the
authentication and identity data is there and there are already several
servlets to handle the OpenID side so you'd just need to plug together.
Infact I am sure the library we use for the RP also has IDP components.
> - Does ESOE support SAML 2.0 authentication (RP)
Yes ESOE is a SAML 2.0 system. Currently supporting the GET and POST
profiles. Artifact profile support is planned and if needed earlier
would again not be much effort to knock over.
> - Can ESOE act as a SAML 2.0 identity provider (OP)
ESOE itself doesn't but we have ESOE compliant service providers (the
SAML term) that perform this role available for Java containers, as an
Apache Module and as an IIS filter.
> I saw that ESOE supports SAML and OpenID but I don't know which versions and
> I couldn't find out which scenarios are supported (OP and/or RP?).
No problem. We would be excited to see this integration work with xwiki
go ahead and be happy to advise/assist as appropriate. You may also be
interested in the ESOE VM to get running quickly more details at:
http://groups.google.com/group/esoe-users/browse_thread/thread/8d929c... Do stay in touch.
regards,
Bradley
--
Bradley Beddoes
Lead Software Architect
Intient Pty Ltd
Join me on LinkedIn: http://www.linkedin.com/in/beddoes
