Anybody every generated a signed SAML assertion using Qt?
-
I haven't played with the crypto in Qt yet (I presume there's some) - but I was curious if anyone's got example code lying around.
I've written C++ code in the past that went through the laborious process of doing this (we have a SAML auth system that we bridge other auth method into (IWA, LDAP, Kerberos, OAuth) - after validating the user via those other auth mechanisms, my code creates a SAML assertion that's signed with a key the SAML auth system has been configured to recognized as a SAML IDP. I'm refactoring this shortly, and I'd like to take as much advantage of Qt as I can of course - Qt continues to surprise me with all kinds of nifty ways to do things.
I was just wondering if anyone's done this in a, at least somewhat, Qt oriented fashion.
Cheers :)
-
I haven't played with the crypto in Qt yet (I presume there's some) - but I was curious if anyone's got example code lying around.
I've written C++ code in the past that went through the laborious process of doing this (we have a SAML auth system that we bridge other auth method into (IWA, LDAP, Kerberos, OAuth) - after validating the user via those other auth mechanisms, my code creates a SAML assertion that's signed with a key the SAML auth system has been configured to recognized as a SAML IDP. I'm refactoring this shortly, and I'd like to take as much advantage of Qt as I can of course - Qt continues to surprise me with all kinds of nifty ways to do things.
I was just wondering if anyone's done this in a, at least somewhat, Qt oriented fashion.
Cheers :)
-
Well, there's a very long story - and boring - to this; however, ultimately I came to create a complete separation of concerns. Qt didn't have anything in particular to offer that helped me (which is no slight against Qt) excepting some Xml parsing/manipulation code (which is very useful - but I already have code for that.)
Ultimately I couldn't use Qt or my previous SAML code (the majority of it) because the accepting Identity Service was using XmlSec to validate signatures in some fashion I could not discern (and they could not tell me) - so I had to use xmlsec myself to sign the assertions.
I'd still like to figure out why my assertion signing code worked with one IDP validator and did not work with this one - but I don't have time to do so right now.
