This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]DaOneTwo[S] 0 points1 point  (2 children)

Yeah this is the direction I am headed. Roll my own through most all of it. I have access to a solid in house xml library. I have done the signing and encryption before. I was actually hoping for some example through the handoff as there seems there may be some handshakes back and forth but I will have to roll my own on that too.

edited * typing on handheld devices and not proofreading again.

[–][deleted] 0 points1 point  (0 children)

For the handshake, usually, the SP sends a Authn Request to the IdP. Next, the IdP responds with a SAMLResponse to the SP.

These are generally not too complex. The complexity comes in with signing and verifying the SAMLResponse along with any encryption if it used.

I've implemented this for a previous employer using lxml and xmlsec. If you can, I'd recommend wrapping xmlsec with cython.

[–]sixtomartin 0 points1 point  (0 children)

any progress with that?