Superpatterns

• Simplified Web Browser Single Sign-On and Sign-Out Profile for SAML 2.0 | Feide RnD
  Cool stuff - a sensible subset of SAML 2.0 making it easier to grok. Does Andreas ever sleep???
  (tags: andreassolberg feide saml)
• YouTube - Stupid Internal Microsoft Vista SP1 Video
  Even allowing for the fact that this MUST have been made in a knowing, ironic frame of mind, it's super-lame.
  (tags: microsoft sp1 video vista)

A somewhat bittersweet moment today as I sent this email to the OpenSSO lists:

Some time ago (October 2006), we released 'Lightbulb', a simple SAML 2.0 service provider/relying party implemented in PHP, as a proof-of-concept, to show that it was indeed possible to write a 'pure' (no custom modules required) SAML 2.0 implementation in PHP.

Later, Lightbulb became an OpenSSO Extension, and was used by Andreas Solberg at FEIDE as the inspiration for simpleSAMLphp - a much more complete SAML 2.0 implementation, again in PHP, but this time including identity provider functionality, Shibboleth 1.3 and more.

Andreas has done a great job, devoting considerable time and effort to simpleSAMLphp, to the great benefit of the wider SAML 2.0 community. Over the months, simpleSAMLphp has become widely deployed in the academic community, to the extent that there are now events such as simpleSAMLphp workshops.

Consequently, we have decided to mark the OpenSSO SAML2/PHP Extension as 'deprecated' in favor of simpleSAMLphp. The old code will be left in place in CVS, but there is now a prominent README directing people to simpleSAMLphp.

Long live simpleSAMLphp!

Kind of like seeing one of your kids moving out of the family home and starting their own life, I guess...

Andreas over at Feide has just published a bunch of presentations he, um, presented the other day in Oslo. Great stuff - and I really like the sparse, clean look. I HATE slides with 15 bullets in 10 point text. The presentations cover the basics of SSO, SAML 2.0, OpenID and a look at Nordic/European collaboration in the education sector. Check them out.

Many thanks to Andreas Åkre Solberg of the FEIDE project for this latest iteration of the SAML 2.0 PHP service provider (SP) OpenSSO Extension (you might remember it as 'Lightbulb'). I spent Thursday afternoon running through some tests with the PHP SP and OpenSSO as the identity provider - apart from one very minor bug (already fixed , it all works great!

Changes since the initial implementation:

• Code restructured with SPIs for session handling and name mapping
• Single logout listener
• Support for transient identifiers
• A new, simpler, sample
• Documentation!
• Several bugfixes

Grab the code via CVS from opensso.dev.java.net (it's in opensso/extensions/saml2php/). Instructions for getting the code via CVS.