Security/identity · 2006-04-24

World, meet SAML. Hello, world. Hello, SAML.

There’s a simple test service called HelloSAML that’s been mentioned a couple of times on the saml-dev list, but if you’re not on that list or other SAML-related lists you might not have heard of it. From the introductory message by José Manuel Macías:

Basically, it’s a web front-end to AARR using different requester and responder profiles. The tool is able to perform HTTP SAML requests to a certain service configured by the user (requester mode), or receive and answer queries in an special URL created for the user (rsponder mode). The logs provided by AARR are also available.

It’s still very basic, and probably lacks a lot of desirable features, but if you find it interesting we can improve it in the future. Any suggestions will be really appreciated.

Recently I asked José Manuel for a bit more information, and here’s what he told me:

This is a first beta (even having been there for several months!) and users should keep in mind that the service is provided “as is”. It has limitations, and goes not much beyong saying “hello”; we plan to improve HelloSAML and add more features, such as SAML 2.0, improvement of logs, …

HelloSAML uses AARR, and current efforts are focused in this tool. AARR was initially developed by two colleagues (Cándido Rodriguez and Diego López) as part of the work made within the Terena TF-AACE task force.

AARR source code is available for everyone at RedIRIS CVS server, and we are open to hear the user comments, just write to us.

(These gentlemen’s email addresses are all available on the AARR site.) Give it a spin and see what you think!