Superpatterns

Pat Patterson on Identity Management, Federation and Single Malt Scotch

accessmanager adfs adoption authentication authorization bloggers blogwatch burtongroup cardspace catalyst donbowen extensions fam federation federationmanager fisl glassfish google identity idwsf infocard java javapolis libertyalliance lightbulb links mac microsoft opends openid opensource opensso php planetidentity podcast roller saml sdn sso sun tokyo ubuntu video webservices wsfederation

« links for 2008-05-17 | Main | Slides Online for... »

20 May · Tue 2008

Do Not Doubt The Power of The Fedlet!
[ fedlet opensso paulmadsen saml ]

The inimitable Paul Madsen writes on the Fedlet today, wondering

Would the fedlet, once deployed by an SP, be reusable with other IDPs (than the one that created it initially) and thereby be considered a quick and easy way to SAML enable an SP? I bet not.

On the contrary, my dear Madsen, it could indeed be reused with other IdPs. The Fedlet is configured via SAML 2.0 metadata, saved to a directory on disk. The very first time you visit the Fedlet's deployment URI, it offers to save configuration to disk:

At this point, as explained on the screen, you can expand the Fedlet WAR manually and copy the files yourself, or let the Fedlet do it for you. In either case, you can edit the SAML 2.0 metadata to use any SAML 2.0 identity provider (or providers). OpenSSO even includes an 'unconfigured' Fedlet for doing this all completely manually.

So, yes, the Fedlet is a quick and easy way to SAML enable an SP!

UPDATE (5/22/08) - Paul. Says. It. Was. All. Down. To. Misplaced. Punctuation.

@ 08:37 AM PDT Comments [0]

Trackback URL: http://blogs.sun.com/superpat/entry/do_not_doubt_the_power