Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"

Re: Perl and SAML

by idsfa (Vicar)
on Mar 07, 2007 at 06:20 UTC ( #603573=note: print w/replies, xml ) Need Help??

in reply to Perl and SAML

The part of SAML which you need to verify the x.509 signature is XMLSec. This example (in C) illustrates how to use the C library to do this. Unfortunately, there aren't any perl bindings (yet) for this library (though the author is open to the idea).

Parsing the values out of the XML document is, as you say, the easy part ...

The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon

Replies are listed 'Best First'.
Re^2: Perl and SAML
by Hammy (Scribe) on Mar 07, 2007 at 12:38 UTC
    Thanks for taking the time to straighten me out. Conceptually, can't I just take the following steps

    Use crypt:x509 to decipher certificate
    Pull out the public key piece
    Use the public key with the MD5 HASH to verify the signature?

    That is the best I can get from the documentation.

      If you don't want to build your own SAML. Check out AssureBridge SSOExchange. It's a hosted service that integrates into Perl Apps with a few lines of code and provides full SAML functionality.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://603573]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (8)
As of 2020-10-01 08:18 GMT
Find Nodes?
    Voting Booth?
    If at first I donít succeed, I Ö

    Results (177 votes). Check out past polls.