[cas-dev] SAML Support in CAS3

[Scott Battaglia]

CAS Developers,

I've started working on support for the SAML protocol within CAS.  The goal
is to be able to support simultaneously accepting and responding to CAS2 and
SAML requests. To that end, I've implemented the following classes:

http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/view/Saml10SuccessResponseView.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/view/Saml10FailureResponseView.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/support/ArgumentExtractor.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/support/CasArgumentExtractor.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/util/SamlCompliantUniqueTicketIdGenerator.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/support/SamlArgumentExtractor.java
http://developer.ja-sig.org/source/browse/jasig/cas3/core/src/main/java/org/jasig/cas/web/flow/DynamicRedirectViewSelector.java

If anyone who is more familar with SAML, please check out these
implementations (specifically the views and the IdGenerator).

I've exposed a SAML response via /samlValidate (is there a normal URL that
SAML specifies should be used?)

Still on the TODO list:
* Right now you can only generate IDs for ServiceTickets or SAML Artifacts,
but not both (which is annoying that they both specify two completely
different ways of generating Ids)
* The SAML response does not return a proxied response yet (I need to read
the SAML spec more to figure this out...unless someone knows the answer
already.  Can we just return multiple authentications?)

-Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20060827/6c01366b/attachment.html