Google Groups Home
Help | Sign in
ESOE Users
+ new post
Home
About this group
Join this group
Message from discussion Is ESOE the right framework for my needs?
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
Bradley Beddoes  
View profile
  More options Jun 4, 9:06 am
From: Bradley Beddoes <bedd...@intient.com>
Date: Wed, 04 Jun 2008 09:06:30 +1000
Local: Wed, Jun 4 2008 9:06 am
Subject: Re: [esoe-users] Re: Is ESOE the right framework for my needs?
Reply to author | Forward | Print | View thread | Show original | Report this message | Find messages by this author
Hi Markus,
I got the ordering of my answer slightly backwards last night (it was
late, I was tired :) ).

Can ESOE act as a SAML 2.0 identity provider?
Yes ESOE is a SAML 2.0 implementation. Currently supporting the GET and
POST profiles. Artifact profile support is planned and if needed earlier
would again not be much effort to knock over.

Does ESOE support SAML 2.0 authentication?
ESOE itself (ESOE refers to the server side software) doesn't but we
have ESOE compliant service providers (the SAML term for the software
that embeds with applications like xwiki) that perform this role
available for Java containers, as an Apache Module and as an IIS filter.

This diagram:
http://esoeproject.org/confluence/display/ed/ESOE+Design+Diagram
while a bit technical may help with visualising the layout. As you can
see ESOE is the core engine and our SP (SPEP in the diagram)
implementations are the external components that live with each application.

Other answers inline:

Markus Lanthaler wrote:
> Bradley!

> Thanks a lot for the quick reply.

>>>   - Can ESOE act as a OpenID 2.0 identity provider (OP)
>> Not as yet but this would not be a hard endpoint to implement all the
>> authentication and identity data is there and there are already several
>> servlets to handle the OpenID side so you'd just need to plug together.
>> Infact I am sure the library we use for the RP also has IDP components.

> Which library are you using?

OpenID 4 Java - http://code.google.com/p/openid4java/

>>>   - Does ESOE support SAML 2.0 authentication (RP)
>> Yes ESOE is a SAML 2.0 system. Currently supporting the GET and POST
>> profiles. Artifact profile support is planned and if needed earlier
>> would again not be much effort to knock over.

> Can you give me an estimate when this will be implemented?

Its on the todo list to complete by around October. It isn't necessary
to have this extra profile, we've got several large customers using POST
and GET without issue. Its more a want to give clients the option to use
artifact and of course to get more of the SAML 2.0 spec implemented.

If you wanted this before hand your welcome to contribute the code.

>>>   - Can ESOE act as a SAML 2.0 identity provider (OP)
>> ESOE itself doesn't but we have ESOE compliant service providers (the
>> SAML term) that perform this role available for Java containers, as an
>> Apache Module and as an IIS filter.

> OK..

Sorry again about this I realize how confusing it must have been :).

regards,
Bradley

--
Bradley Beddoes
Lead Software Architect
Intient Pty Ltd

Join me on LinkedIn: http://www.linkedin.com/in/beddoes


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2008 Google