pkgsrc.se | The NetBSD package collection

./security/cy2-saml, Crude SAML assertion validator for bridging WebSSO and SASL

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.11nb16, Package name: cy2-saml-1.11nb16, Maintainer: manu

SASL is a method for adding authentication support to connection-based
protocols. To use SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating protection
of subsequent protocol interactions. If its use is negotiated, a security
layer is inserted between the protocol and the connection.

This package contains a SASL plugin that perform a crude check on a SAML
authentication assertion. The assertion signature and date are verified,
and access is granted on behalf ot the user taked for a onfigurable
attribute.

The only protection against replay attacks is the assertion validity dates
checks, this authentication is therefore secure only if the SAML
authentication assertion remains secret. The assertion has the same role
as a web cookie used for authentication.

Here is a PHP example of LDAP binding using www/ap2-auth-mellon:
$saml_msg = $_SERVER["MELLON_SAML_RESPONSE"];
$userid = $_SERVER["REMOTE_USER"];
if (ldap_sasl_bind($ds, NULL, $saml_msg, "SAML",
NULL, $userid, NULL, "none") == FALSE) {
printf("ldap_sasl_bind() failed: %s", ldap_error($ds));
exit;
}

Required to run:
[textproc/libxml2] [security/cyrus-sasl] [security/lasso]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://ftp.espci.fr/pub/crudesaml/ (Download)

Filesize: 340.849 KB

Version history: (Expand)

(2024-11-15) Updated to version: cy2-saml-1.11nb16
(2024-11-01) Updated to version: cy2-saml-1.11nb15
(2024-11-01) Updated to version: cy2-saml-1.11nb14
(2024-05-29) Updated to version: cy2-saml-1.11nb13
(2023-11-08) Updated to version: cy2-saml-1.11nb12
(2023-10-25) Updated to version: cy2-saml-1.11nb11

CVS history: (Expand)

2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377)

Log message:
*: recursive bump for icu 74.1

2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)

Log message:
*: bump for openssl 3

2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | Package updated

Log message:
revbump after textproc/icu update

2022-11-23 17:21:30 by Adam Ciarcinski | Files touched by this commit (1878) | Package updated

Log message:
massive revision bump after textproc/icu update

2022-04-18 21:12:27 by Adam Ciarcinski | Files touched by this commit (1798) | Package updated

Log message:
revbump for textproc/icu update

2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063)

Log message:
revbump for icu and libffi

2021-04-21 13:43:04 by Adam Ciarcinski | Files touched by this commit (1822)

Log message:
revbump for textproc/icu

2020-11-05 10:09:30 by Ryo ONODERA | Files touched by this commit (1814)

Log message:
*: Recursive revbump from textproc/icu-68.1