Security Assertion Markup Language (SAML) can be a bit confusing to understand. At its core SAML is just a protocol with defined messages written in XML. The main purpose of SAML is to enable you to log in at one place such as a website and then jump over to another website without having to log in again. This setup is commonly called "federation".
It is similiar to OAuth. I see SAML continuing to make headroom in the enterprise space while OAuth stays strong in the consumer space. However in the future I hope these two technologies will end up playing well together.
In either case I am releasing a small Python library for generating SAML assertions. The main purpose of this is to learn SAML by doing (actually having to create an assertion gives me a good idea of the complexity of the protocol).
The library depends on M2Crypto so download and install it:
http://chandlerproject.org/bin/view/Projects/MeTooCrypto
M2Crypto depends on SWIG so you might need that as well.
Once that is installed you can download my distribution of PySAML here:
Python 2.6 - Win32:
http://darkeneddesire.com/PySAML/PySAML-1.0.win32.exe
Unix (source):
http://darkeneddesire.com/PySAML/PySAML.tar.gz
For windows you just run the executable. For unix you should run the following commands:
# cd PySAML
# python setup.py build
# python setup.by install
There are examples in the "examples" folder if you download the full source.
The whole project is available on github as well:
http://github.com/tachang/PySAML/tree/master
Monday, July 13, 2009
Subscribe to:
Post Comments (Atom)
5 comments:
Does this library only generates SAML assertions (as an IDP) or does it allow validation of assertions from other IDPs such as the fedlet scenario.
I am wondering if I can use this library to implement a SAML 2.0 enabled relying party authentication module for Django so that the user may authenticate with OpenSSO and the Django portal will honor the authentication assertion.
@Angela
This library only generates assertions for now. I haven't worked on it in a while but if someone wants to pick it up I wouldn't mind!
Hi,
Can you help me how to make Authentication Request using SAML2 in python code?
There is a follow up, namely pySAML2 :-)
Can be found on launchpad.
But beware that I'm just in the process of refactoring, so there will be major changes shortly.
It's been a while, but I am (somewhat) actively working on two Django projects that use PySAML: http://code.google.com/p/django-saml2-idp/ and http://code.google.com/p/django-saml2-sp/ . I also just forked PySAML on Github @ https://github.com/guitarmanvt/PySAML so I can fix that issue I reported 9 months ago. ;)
Post a Comment