Googles Apps SAML/SSO decrypt
- From: Tom <biegel@xxxxxxxxx>
- Date: Wed, 31 Oct 2007 21:30:27 -0000
This should be an easy answer. I'm writing a custom SSO application
in PHP for integration with Google Apps. For generating the necessary
SAML responses, I'm using OpenSSO. Google requires you upload a
signed certificate, with a public key embedded. All SAML requests
sent and received between the service provider (Google) and the
identity provider (you) are encrypted using this key. I'm unsure what
to do with the request that Google Apps embeds in the URL though.
It's sent as a $_GET variable so it's not encrypted in a way that
php's openssl functions can understand. I'm not sure how to go about
decoding it:
http://www.example.com/sso?SAMLRequest=fVJLT8MwDL4j8R+i3PsCCUa0Fg2miUkDKlY4cMsSd82WJiVON/j3dB3TxgGOcT5/D9vD289akw04VNakNAljSsAIK5VZpvS1mAQDepudnw2R17pho9ZX5gU+WkB
Any thoughts?
.
- Prev by Date: Re: Session or browser problem??
- Next by Date: Re: how to create 'remember login' functionality during login
- Previous by thread: Why is server starting on 0.0.0.0:3000?
- Next by thread: Validate variables w/out empty
- Index(es):
