Would the fedlet, once deployed by an SP, be reusable with other IDPs (than the one that created it initially) and thereby be considered a quick and easy way to SAML enable an SP? I bet not.
On the contrary, my dear Madsen, it could indeed be reused with other IdPs. The Fedlet is configured via SAML 2.0 metadata, saved to a directory on disk. The very first time you visit the Fedlet’s deployment URI, it offers to save configuration to disk.
At this point, as explained on the screen, you can expand the Fedlet WAR manually and copy the files yourself, or let the Fedlet do it for you. In either case, you can edit the SAML 2.0 metadata to use any SAML 2.0 identity provider (or providers). OpenSSO even includes an ‘unconfigured’ Fedlet for doing this all completely manually.
So, yes, the Fedlet is a quick and easy way to SAML enable an SP!
UPDATE (5/22/08) - Paul. Says. It. Was. All. Down. To. Misplaced. Punctuation.