Did you read through the CAS documentation? It's extensive (which means it's extensible and includes all manner of clients so your work won't be a "one man' show" or "unsupportable hack" [which is why we are all hanging off the open source wagon in the first place]). This might bring compatibility issues into clear focus: https://wiki.jasig.org/display/CASC/AuthCAS If you don't use CAS, you might look at the code they used in this piece. After all, we don't go into a little room and pull code out of our armpits, do we? It's cut, splice, modify for our purposes and debug; is it not? On Sat, Dec 29, 2012 at 9:39 AM, Kevin Brown wrote: > I need it to work with the environment that the company already has in > existence. Everything they use is Apache 1 with mod_perl. > >> Hi Kevin, >> >> Why recreate the wheel? >> >> CAS <%20https://wiki.jasig.org/**display/CASUM >> > >> >> If you determine you really don't need CAS, perhaps this discussion of >> CAS <%20https://wiki.jasig.org/**display/CASUM> >> implementation and SAML+1.1 ticket validation: https://wiki.jasig.org/** >> display/CASUM/SAML+1.1 might help? >> >> >> >> >> >> >> On Fri, Dec 28, 2012 at 2:48 PM, Kevin Brown > kevinbrownbdc@gmail.**com >> wrote: >> >> So, new job... I've been tasked with implementing SSO using SAML >> 1.1. The client provided a document that gives an example of the >> Response object that will be forwarded into our site when a user >> goes to login. I'm trying to figure out how to validate the XML >> that I'm given so that I don't blindly trust that the document >> hasn't been modified in some way or just faked. >> I have the keys (DigestValue and SignatureValue), but when I try >> to do a sha1 of the xml (minus all the parts in the >> section, the hash doesn't match. >> Does anyone have any experience with this that they might be able >> to point me in the right direction? >> >> ------------------------------**--------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.**org >> >> > >> >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss >> >> >> >> >> -- >> >> (503) 754-4452 Android >> (623) 239-3392 Skype >> (623) 688-3392 Google Voice >> ** >> it-clowns.com >> Chief Clown >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> ------------------------------**--------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.**org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/**mailman/listinfo/plug-discuss >> > > ------------------------------**--------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.**org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/**mailman/listinfo/plug-discuss > -- (503) 754-4452 Android (623) 239-3392 Skype (623) 688-3392 Google Voice ** it-clowns.com Chief Clown