headers
Stow, John | 21 Dec 2006 13:19
Picon
Favicon

Re: SourceID1.2 and WSAD5.1 -Federation Error-

Hi,

Im in the same boat as Masahito Numata was in January 2005:

I have performed the following steps

1. download the BouncyCastle encryption library (jar file)

2. copy it in <JAVA_HOME> /jre /lib /ext

3. add the jar file to CLASSPATH

4. edit <JAVA_HOME> /jre /lib /security /java.security

     security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider

Now, what String should the following statement return, and where does it come from?

SignatureAlgorithm.getImplementingClass("http://www.w3.org/2000/09/xmldsig#rsa-sha1");

Thanks,

John

_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/cgi-bin/mailman/listinfo/sso-users
Permalink | Reply | 1 comment |
headers
webmaster | 22 Nov 2006 20:09

RE: Testing reconfiguration - please delete.

Please disregard this message. Testing the receipt and sending of the sso-users mailing list.
_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/cgi-bin/mailman/listinfo/sso-users
Permalink | Reply | 0 comments |
headers
Annu Myllyniemi | 19 Sep 2006 14:24
Picon
Picon

ID-WSF & SourceID?

As far as I know, the current version of SourceID does not support Liberty 
ID-WSF features like attribute sharing. Can it be expected that an ID-WSF 
extension to SourceID, or a separate open-source ID-WSF toolkit, will be 
published in the near future? If yes, what would be the estimated release 
date?

Thanks,
    Annu
Permalink | Reply | 0 comments |
headers
Jean-Noel Colin | 19 Sep 2006 13:33
Picon

ID-FF Toolkit without JBoss

Hi,

I'm currently looking for an open-source library to implement Liberty  
Alliance ID-FF 1.2 profiles in our applications, mostly written in  
ColdFusion and Java, running on Apache. Although SourceID ID-FF  
toolkit seems to provide all the necessary features, it does not  
match my requirements as it requires a JBoss server to be deployed.  
Isn't there a way to use only the library part of the toolkit, and  
not the web part? This would allow to reuse in many different  
technical environments.

Also, where could I find the documentation for the API?

Best regards

Jean-Noel Colin
Permalink | Reply | 0 comments |
headers
prashant n | 28 Jul 2006 08:13

Re: Few SAML 1.1 & SAML 2.0 - PingFederateFederation Server questions

hi,

anyone to answere these ?

regards
shann

On Tue, 25 Jul 2006 2:42:25 -0500, prashant n wrote:
> hi,
>
> Can the product SAML 1.1 & SAML 2.0 - PingFederate Federation Server be
> used for :
>
> 1) to provide enterprise-wide identity for employees ?
>
> 2) can this be integrated into Access Cards - Flash / Swipe
>
> 3) can this be integrated into EPABX
>
> 4) can my windows and *NIX workstations which are clients of Windows
> Active Directory and Linux based Samba PDC using OpenLDAP / Redhat
> Directory Server be configured to get authenticated from SAML 1.1 & SAML
> 2.0 - PingFederate Federation Server ? ( i mean replacing windows Active
> Directory and Linux based Samba PDC using OpenLDAP / Redhat Directory
> Server with SAML 1.1 & SAML 2.0 - PingFederate Federation Server)
>
> 5) Can my Cisco PIX, Squid Proxy, IPSec / SSL VPN or any other Application
> (Apche / Zimbra / Subversion which can talk to Active Directory and
> OpenLDAP for authentification) which can be authenticated via windows
> Active Directory and Linux based Samba PDC using OpenLDAP / Redhat
> Directory Server used ause SAML 1.1 & SAML 2.0 - PingFederate Federation
> Server
>
> 6) If i integrate the SAML 1.1 & SAML 2.0 - PingFederate Federation Server
> my windows and *NIX workstation logons, will it result into, the email
> client MS Outlook 200x , Mozilla ThunderBird 1.x, Kontact 1.2.x, my
> browser (IE 5.x & above, Mozilla Firefox 1.x) get authenticated
> automagically and will serve what they are intented to ie, send / receive
> emails, browse internet, etc without asking the user to key in his/her
> email id, email password etc
>
> Please clarify my doubts
>
> Thanks & Regards
> Shann
>
> -----------------------------------------------------------
> Sign up and get your 30GB webmail at www.30gigs.com now!
>

-----------------------------------------------------------
Hi..! Get this Exclusive Offer From 30gigs.com. Free Ipod Nano! Click Here.
Don't have 30gigs email account yet? Sign up and get your 30GB Webmail account Now!

_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/mailman/listinfo/sso-users
Permalink | Reply | 0 comments |
headers
prashant n | 25 Jul 2006 09:42

Few SAML 1.1 & SAML 2.0 - PingFederate Federation Server questions

hi,

Can the product SAML 1.1 & SAML 2.0 - PingFederate Federation Server be used for :

1) to provide enterprise-wide identity for employees ?

2) can this be integrated into Access Cards - Flash / Swipe

3) can this be integrated into EPABX

4) can my windows and *NIX workstations which are clients of Windows Active Directory and Linux based Samba PDC using OpenLDAP / Redhat Directory Server be configured to get authenticated from SAML 1.1 & SAML 2.0 - PingFederate Federation Server ? ( i mean replacing windows Active Directory and Linux based Samba PDC using OpenLDAP / Redhat Directory Server with SAML 1.1 & SAML 2.0 - PingFederate Federation Server)

5) Can my Cisco PIX, Squid Proxy, IPSec / SSL VPN or any other Application (Apche / Zimbra / Subversion which can talk to Active Directory and OpenLDAP for authentification) which can be authenticated via windows Active Directory and Linux based Samba PDC using OpenLDAP / Redhat Directory Server used ause SAML 1.1 & SAML 2.0 - PingFederate Federation Server

6) If i integrate the SAML 1.1 & SAML 2.0 - PingFederate Federation Server my windows and *NIX workstation logons, will it result into, the email client MS Outlook 200x , Mozilla ThunderBird 1.x, Kontact 1.2.x, my browser (IE 5.x & above, Mozilla Firefox 1.x) get authenticated automagically and will serve what they are intented to ie, send / receive emails, browse internet, etc without asking the user to key in his/her email id, email password etc

Please clarify my doubts

Thanks & Regards
Shann

-----------------------------------------------------------
Hi..! Get this Exclusive Offer From 30gigs.com. Free Ipod Nano! Click Here.
Don't have 30gigs email account yet? Sign up and get your 30GB Webmail account Now!

_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/mailman/listinfo/sso-users
Permalink | Reply | 0 comments |
headers
Deane Sloan | 21 Jul 2006 16:32
Picon
Favicon

SAML 1.1 .Net Toolkit - GenerateNewID issues

Hi,

When integrating with a commercial SAML 1.1 asserting party, we encountered
issues with the RequestID generated by
SourceID.SamlSupport.DocumentSignatureSupport:GenerateNewID().

The GenerateID function doesn't seem to follow the XML ID/NCName production
rules, resulting in IDs containing the ':' character. We also experienced
issues when IDs were generated with a leading digit (prohibited by the
'Name' production rules also?).

Easily solved and I'm not sure if this is an implementation fault or simply
an interop issue - however it might also catch other users of this useful
toolkit.

Thanks,

Deane
Permalink | Reply | 0 comments |
headers
Legido Martínez, Isidoro | 12 Jul 2006 11:25
Picon

idp-authn-lifespan use?

Hi, I sent this message some time ago and I am still clogged on it :-( 

Could anybody help me, please?

Thanks a lot,

Isi,

________________________________

Hi,

I am currently using SourceID "ID-FF 1.1 .Net Toolkit"  and I am trying to figure out inside the code where and
how the idp-authn-lifespan parameter is used, but I can not find it. Let's suppose the following situation:

+ 2 SP with session timeout=20min.

+ 1 IDP with idp-authn-lifespan=5 min.

+ SP1 logs in IDP

+ 6 minutes later, SP2 tries to login also.

In this case, what would be the expected result? SP2 should introduces its credentials?

Thanks a lot,

Isi,

________________________________

Isidoro Legido Martínez

Jefe de Proyecto

________________________________

Área de Sistemas de Información 
tecsidel 
C/ Príncipe de Astúrias, 43, 2a planta 
08012 Barcelona 
Tel:    (+34) 93 292 21 10
Mov:   (+34) 649 48 89 75 
Fax:    (+34) 93 292 29 93 
isidoro.legido <at> tecsidel.es <mailto:isidoro.legido <at> tecsidel.es> 
www.tecsidel.es <blocked::http://www.tecsidel.es/>  

________________________________

La información que se incluye en este mensaje es confidencial y puede ser privada a nivel legal. Las vistas
u opiniones que se expresan en este mensaje de correo electrónico son propiedad exclusiva del autor.

_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/mailman/listinfo/sso-users
Permalink | Reply | 1 comment |
headers
Remy Belanger | 11 Jul 2006 21:41

SAML 2.0 Java Toolkit and InfoCard Java Toolkit

Hi Folks !

I would like to know where I can get the SourceID InfoCard STS Toolkit for Java ?

Also, is there any SourceID SAML 2.0 Toolkit for Java that will be available soon ?

Thank you very much !
-- Rémy Bélanger Senior Software Designer / Concepteur sénior de logiciels SCJ2P _____________________________________________________________ Okiok http://www.okiok.com 450-681-1681 x231 1-877-561-1681 Enterprise and e-business security solutions / Solutions de sécurité d'entreprise et d'affaires électroniques This e-mail message (including attachments, if any) is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and erase this e-mail message immediately. Le présent message électronique (y compris les pièces qui y sont annexées, le cas échéant) s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. Si ce message vous a été transmis par erreur, veuillez en informer l'expéditeur et le supprimer immédiatement. 
_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/mailman/listinfo/sso-users
Permalink | Reply | 0 comments |
headers
Stefan Rettig | 19 Jun 2006 12:06
Picon

Demo Deployment Error

Hello,

 

i got the same issue:

http://lists.sourceid.org/archives/sso-users/2005-March/000735.html

 

I tried the suggestion, but I still doesn’t work.

 

Any suggestions?

 

THANK YOU

 

Here my error message:

 

() for servlet MainApServlet threw exception

org.sourceid.config.ConfigurationException: Unable to locate configuration strin

g value for: org.sourceid.saml11.adapter.ap.AdapterFactory.ApplicationDirectory

        at org.sourceid.config.impl.BasicXmlConfigStore.getStringValue(BasicXmlC

onfigStore.java:96)

        at org.sourceid.saml11.adapter.ap.AdapterFactory.getApplicationDirectory

(AdapterFactory.java:59)

        at org.sourceid.saml11demo.ap.servlet.ApServlet.doGet(ApServlet.java:42)

 

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:697)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)

        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl

icationFilterChain.java:237)

        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF

ilterChain.java:157)

        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV

alve.java:214)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:104)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav

a:520)

        at org.apache.catalina.core.StandardContextValve.invokeInternal(Standard

ContextValve.java:198)

        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV

alve.java:152)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:104)

        at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit

yAssociationValve.java:72)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:102)

        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecur

ityMgrRealm.java:275)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:102)

        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica

torBase.java:462)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:102)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav

a:520)

        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j

ava:137)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:104)

        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j

ava:117)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:102)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav

a:520)

        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal

ve.java:109)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValv

eContext.java:104)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.jav

a:520)

        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

 

        at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:16

0)

        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java

:799)

        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce

ssConnection(Http11Protocol.java:705)

        at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java

:577)

_______________________________________________
sso-users mailing list
sso-users <at> lists.sourceid.org
http://lists.sourceid.org/mailman/listinfo/sso-users
Permalink | Reply | 1 comment |
headers
Thomas Kopp | 14 Jun 2006 16:48

ID-FF1.2 - java.lang.ClassNotFoundException: org.sourceid.idff12.servlet.sp.SLOInitiateServlet

Hello

Where is the org.sourceid.idff12.servlet.sp.SLOInitiateServlet located?

Do i need to edit something else then the jboss.dir in the
build.local.properties?
Or it is a problem with Jboss 4.0.4? Does anybody else use the Jboss
4.0.4 for ID-FF?

Error message in JBoss:
--- Incompletely deployed packages ---
org.jboss.deployment.DeploymentInfo <at> 8de005ba { url=file:/F:/Uni/Diplom/Programm/
Programme/jboss-4.0.4.GA/server/default/deploy/sourceid-idff-demo.war }
  deployer: MBeanProxyExt[jboss.web:service=WebServer]
  status: Deployment FAILED reason: java.lang.ClassNotFoundException: org.source
id.idff12.servlet.sp.SLOInitiateServlet
  state: FAILED
  watch: file:/F:/Uni/Diplom/Programm/Programme/jboss-4.0.4.GA/server/default/de
ploy/sourceid-idff-demo.war
  altDD: null
  lastDeployed: 1150274765186
  lastModified: 1150274765116
  mbeans:

Jboss4.0.4, Ant1.6.5, WinXP,  Jdk1.5.0_07

thanks
Thomas
Permalink | Reply | 0 comments |

Gmane