Forum OpenACS Q&A: Has anyone ever used SAML with OpenACS as a means of achieving Single Sign-On

Before I begin tackling this, I thought I would ask if anyone has any experience with interacting with a SAML service. This would defer user authentication to the SAML service and then issue an openACS session id based on the SAML response.

I wondered if a good starting point might be to use the existing OpenACS LDAP support as a boilerplate and modify it?

Any comments or advice would be appreciated.


I am not familiar with SAML, but yes, taking inspiration from an existing authentication driver would be the best way to implement this.
I have to bear the same challenge now and I wonder if someone has any experience in this now?