[ demo iiw2006b lightbulb openid opensso php saml xri yadis ]
This week at Internet Identity Workshop 2006b I've been demonstrating some work I've been doing to combine YADIS/XRI Identifier Resolution (as in OpenID) with SAML 2.0 Web Browser SSO Profile. The user experience is:
- I go to a service provider (relying party)
- I enter my identifier (URL or i-name)
- I authenticate at my identity provider
- I can access services at the service provider
The magic takes place between steps 2 and 3: the service provider resolves the user's identifier, which might be a URL or an i-name, to the location of a SAML 2.0 identity provider. The service provider can now do vanilla SAML 2.0 with the identity provider. The easiest way to see what's going on is via a demo, so, here you go:
 Click to view Flash presentation |
By the way - the service provider is implemented on top of Project Lightbulb. I need to do some tidying first, but I'll put the YADIS/XRI code there soon.
UPDATE - coverage of this demo at IIW2006b:
- Lightbulb: Bringing SAML to PHP
- Internet Identity Workshop demonstrations steal the show - nice pic on this one. Left-to-right we have Doc Searls, my good self, Shin Adachi and JP Rangaswami.
![[Feed]](http://blogs.sun.com/roller/resources/superpat/feed-icon16x16.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}
Posted by James on December 07, 2006 at 06:21 AM PST #
Posted by Chema on January 15, 2007 at 02:39 AM PST #
Posted by Pat on January 15, 2007 at 09:45 AM PST #
It would help for people who are a little more new to this though if you added slides in between the messages showing the routing of the messages. You could have a slide of the main actors (the user agent, the web site one is looking for authentication from, the authenticator,...) and have a glowing arrow show the direction of the message. Something like that would help get an overview of what is happening.
Posted by Henry Story on March 01, 2007 at 01:04 AM PST #