[openstack-dev] [keystone federation] some questions about keystone IDP with SAML supported
John Dennis
jdennis at redhat.com
Wed Oct 14 17:12:20 UTC 2015
On 10/14/2015 11:58 AM, Marek Denis wrote:
> pretty much - yes! Luckily for you the reference libraries (shibboleth)
> are written in Java so it should be easier to integrate with your
> application.
Only the Shibboleth IdP is written in Java. Shibboleth the SP is written
in C++. If you're trying to implement an ECP client you'll probably find
more support in the C++ SP implementation libraries for what you need.
Actually writing an ECP client is not difficult, you could probably
cobble one together pretty easily from the standard Java libraries. An
ECP client only needs to be able to parse and generate XML and
communicate via HTTP. It does not need to be able to read or generate
any SAML specific XML because an ECP client encapsulates the SAML in
other XML (e.g. SOAP).
--
John
More information about the OpenStack-dev
mailing list