Today, UNINETT is proud to announce the first public beta release of SAML tracer.
SAML tracer is a Firefox plugin that allows you to trace and review all front-channel SAML messages sent as you browse web pages. The tool is intended for SAML developers or deployers for educational, research or debugging purposes.
SAML tracer is released as part of the Federation Lab, a tool suite from the GÉANT Identity Federations. SAML tracer is implemented by Olav Morken at UNINETT, also known from the SimpleSAMLphp project.
I have now prepared a web site with documentation and a downloadable package of the software. I do not yet consider the software stable, but I’ve reached a point where I would like feedback from real use cases of how to improve the software further.
In GÉANT Identity Federations, we’re working on designing a very simple and flexible cross-domain group exchange protocol; and Foodle will as usual be a place to showcase how this stuff work in real life.
To prepare Foodle for group interactions with other services, I’ve implemented Foodle Contacts – a simple interface for managing groups in Foodle,
The GÉANT Identity Federations working group has a significant list of achievements from Year 2 of the project. A yearly deliverable summarizes these results nicely in a document. The yearly deliverable was recently accepted, and are now publicly available on the link below.
The main focus areas throughout year 2 have been:
Metadata Distribution and Cross-Federation Scalability
I’m happy to make an early announcement of the availability of the Federation Lab toolkit.
We would probably make a broader announcement after receiving feedback from the early testers.
The initial set of tools and content available on Federation Lab is somewhat limited. There is plans for improving and extending the set of useful tool during the rest of the Identity Federation project period. If you have ideas for tools that would be useful, please tell us…
What can you do with Federation Lab today?
Automated SAML Service Provider Tester: automated testing tool.
OpenIdP: Feide OpenIdP will automatically trust all test entities that are registered. A dedicated FedLab OpenIdP and TestShib are beeing configured soon… We will be contacting commercial vendors and offer them the opportunity to connect test IdPs to the FedLab.
Web-based SAML debugger. Encode and decode messages captured in the SAML flow.
There will be a downloadable beta version ready as part of the launch of Federation Lab (GÉANT Identity Federations)- before the end of this year.
Please indicate whether this tool might be of interest to you – the amount of effort put into finalizing this product will heavily depend on the signalled interest from the community. Name suggestions for the product are welcome as well.
Foodle will most likely be equipped with a easy to use API for third party sites before the end of this year. It will probably be REST-ish using JSON. The API methods will probably be split into two categories; those calls that may be done unauthenticated, and those that needs authentication. For authentication of users we will use OAuth.
There may also be an implementation of OpenSocial interface ontop of the Foodle API. Details not available at this time.
If you have a service that would like to integrate with Foodle, I would like to get in contact with you 🙂 Send me an e-mail, or comment on this blog post. Examples may be:
you have some portal and would like a Foodle widget on the front page, showing a list of events on the active Foodles of that user.
you want to implement a Desktop client, or may be a mobile client, such as an iPhone or Android app.
you want to integrate Foodle to an external meeting planning system.
I think the Identity space will see a new paradigm, where the separation distinction between SPs and IdPs will be less clear. User data and attributes will be shared across services, not only from the IdP to the SP. OAuth plays an important role here. Foodle may be a playground giving you experience with service-to-service integration, that you may benefit from in other projects. If you need more reasons to play with the Foodle API (when beeing available), contact me.
Foodle API will probably indirectly cause these effects:
More JS intensive Foodle, using the same API offered to third parties.
Improvements to SimpleSAMLphp OAuth module
Other similar APIs, such as HTML+JS widgets listing participants registered for a meeting/conference or similar. Really simple integration: paste this code on your web site to include a list of participants to this meeting.