[2008-06-16 02:26:32] JOIN #higgins :jooooooon!n=jclarke@linagoraberri.pck.nerim.net JOIN :#higgins [2008-06-16 02:26:40] hi [2008-06-16 02:59:58] JOIN #higgins :sourcerer!n=philipp@62.218.140.156 JOIN :#higgins [2008-06-16 03:03:56] hello there [2008-06-16 03:08:28] QUIT KOS-MOS [2008-06-16 03:08:55] JOIN #higgins :KOS-MOS!n=KOS-MOS@ecf.eclipse.org JOIN :#higgins [2008-06-16 03:47:11] QUIT KOS-MOS [2008-06-16 05:49:12] QUIT Jimse [2008-06-16 07:11:25] JOIN #higgins :rcjsuen!n=rcjsuen@bas6-kitchener06-1177622216.dsl.bell.ca JOIN :#higgins [2008-06-16 07:12:18] JOIN #higgins :ccmtaylor!n=taylor@nawab.mi.fu-berlin.de JOIN :#higgins [2008-06-16 07:16:32] QUIT nairbreklew [2008-06-16 07:20:57] PART #higgins [2008-06-16 07:47:30] QUIT rcjsuen [2008-06-16 08:29:40] JOIN #higgins :rcjsuen!n=rcjsuen@auth3-484.uwaterloo.ca JOIN :#higgins [2008-06-16 08:34:44] JOIN #higgins :nairbreklew!n=chatzill@static-68-162-255-8.bos.east.verizon.net JOIN :#higgins [2008-06-16 08:51:07] JOIN #higgins :Jeesmon!n=jjacob@static-68-162-255-8.bos.east.verizon.net JOIN :#higgins [2008-06-16 09:07:02] JOIN #higgins :MikeMc!n=MikeMc@nat/ibm/x-3a063ef81383937d JOIN :#higgins [2008-06-16 09:28:02] JOIN #higgins :Duane!n=dbuss@137.65.132.233 JOIN :#higgins [2008-06-16 09:45:13] JOIN #higgins :paul_!n=chatzill@209-6-146-143.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com JOIN :#higgins [2008-06-16 09:46:26] JOIN #higgins :tdoman!n=TeeDoh@137.65.132.161 JOIN :#higgins [2008-06-16 10:04:07] JOIN #higgins :Jimse!n=jimse@209.41.70.50 JOIN :#higgins [2008-06-16 10:06:31] ~s [2008-06-16 10:20:37] QUIT paul_ [2008-06-16 11:07:13] QUIT rcjsuen [2008-06-16 11:20:10] QUIT MikeMc [2008-06-16 11:30:29] QUIT Jimse [2008-06-16 11:37:54] JOIN #higgins :MikeMc!n=MikeMc@nat/ibm/x-07797c3e19972448 JOIN :#higgins [2008-06-16 11:44:52] JOIN #higgins :paul_!n=chatzill@static-68-162-255-8.bos.east.verizon.net JOIN :#higgins [2008-06-16 11:52:07] JOIN #higgins :rcjsuen!n=rcjsuen@auth2-131.uwaterloo.ca JOIN :#higgins [2008-06-16 12:09:08] QUIT paul_ [2008-06-16 12:17:34] JOIN #higgins :Jimse!n=jimse@137.65.229.21 JOIN :#higgins [2008-06-16 12:19:27] QUIT rcjsuen [2008-06-16 12:36:44] JOIN #higgins :paul_!n=chatzill@static-68-162-255-8.bos.east.verizon.net JOIN :#higgins [2008-06-16 12:52:21] QUIT MikeMc [2008-06-16 13:08:34] QUIT sourcerer [2008-06-16 13:18:06] QUIT paul_ [2008-06-16 13:37:02] JOIN #higgins :MikeMc!n=MikeMc@nat/ibm/x-d5b20693994b2d6e JOIN :#higgins [2008-06-16 13:39:24] JOIN #higgins :rcjsuen!n=rcjsuen@auth2-85.uwaterloo.ca JOIN :#higgins [2008-06-16 14:11:19] JOIN #higgins :paul_!n=chatzill@static-68-162-255-8.bos.east.verizon.net JOIN :#higgins [2008-06-16 14:36:59] JOIN #higgins :sourcerer!n=philipp@212-183-32-23.adsl.highway.telekom.at JOIN :#higgins [2008-06-16 14:49:37] QUIT paul_ [2008-06-16 15:05:16] JOIN #higgins :paul_!n=chatzill@209-6-146-143.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com JOIN :#higgins [2008-06-16 15:20:00] QUIT rcjsuen [2008-06-16 15:48:15] JOIN #higgins :peace-keeper!n=peace-ke@chello084114169104.2.15.vie.surfer.at JOIN :#higgins [2008-06-16 15:59:57] JOIN #higgins :MikeMc_!n=MikeMc@nat/ibm/x-ea518143bc5ee461 JOIN :#higgins [2008-06-16 16:00:46] hey mike [2008-06-16 16:05:27] mike? jim? tom? anyone here? [2008-06-16 16:05:34] I'm here [2008-06-16 16:05:46] jim here [2008-06-16 16:05:49] sweet [2008-06-16 16:06:00] QUIT MikeMc [2008-06-16 16:06:16] ok so now we have org.eclipse.higgins.saml2idp.saml2 and org.eclipse.higgins.util.saml [2008-06-16 16:06:36] and i tried to use the sts in order to not need these things anymore [2008-06-16 16:07:18] I'd like to see the sts stuff you're using move into util.saml [2008-06-16 16:07:25] but not use axiom [2008-06-16 16:07:33] as your saml2 stuff didn't [2008-06-16 16:07:39] well i haven't gotten too far with the sts yet [2008-06-16 16:07:44] i need mike's help with that [2008-06-16 16:07:55] I basically bastardized your saml2 stuff for the minimum I needed for saml1 work I was doing. [2008-06-16 16:08:15] JOIN #higgins :MikeMc!n=MikeMc@nat/ibm/x-e4b3e5c5bfc52670 JOIN :#higgins [2008-06-16 16:08:21] for me it sounds great to move all these utility classes to util.saml [2008-06-16 16:08:22] hi - sorry I am late [2008-06-16 16:08:25] np [2008-06-16 16:08:34] but we want to avoid duplication [2008-06-16 16:08:41] so can I ask Jim and Tom some questions? [2008-06-16 16:08:48] sure sure [2008-06-16 16:08:59] okay [2008-06-16 16:09:08] trying to understand what they want to accomplish - is it to use SAML for authn to ldap? [2008-06-16 16:09:48] yeah, LDAP does SASL [2008-06-16 16:09:52] long story short, yes [2008-06-16 16:09:58] and someone has done SAML over SASL [2008-06-16 16:10:07] yes, "someone" has :) [2008-06-16 16:10:20] well, possibly more than one, I don't know [2008-06-16 16:10:22] dunno if ANY other LDAP servers have [2008-06-16 16:10:23] so we sort of do this already - in admitedly a bad way - for personal cards [2008-06-16 16:10:34] that's not the point though mike [2008-06-16 16:10:54] the point is, to support this LDAP server, we need general purpose SAML code [2008-06-16 16:10:57] I want to know what the point is - why is this different and are we changing that too [2008-06-16 16:11:21] why isn't the other method good enough? [2008-06-16 16:11:37] the other method of doing what? [2008-06-16 16:11:37] will this new method work with openldap/nds/tds? [2008-06-16 16:12:02] only if those LDAP servers support SAML over SASL [2008-06-16 16:12:05] connect via lpu and search for a digest [2008-06-16 16:12:22] OpenLDAP does support SASL, but I don't know which SASL mechanisms it does [2008-06-16 16:12:42] so, we're not connecting and searching [2008-06-16 16:12:42] any LDAP that supports SAML over SASL for AuthN [2008-06-16 16:12:52] we're actually binding with the SAML assertion [2008-06-16 16:13:03] can you explain what you need in order to make SASL work? is there an API / code fragment? [2008-06-16 16:13:04] we're receiving a SAML assertion from another source [2008-06-16 16:13:19] and using it to AuthN over SASL [2008-06-16 16:13:34] tom could pastebin how he does SASL using the JNDI provider [2008-06-16 16:13:35] in the current case of personal card you receive the saml from the client - how is this different? [2008-06-16 16:13:40] is that what you're asking for? [2008-06-16 16:14:14] I want to be sure I fully understand what needs to happen and want to make sure we are consistent where we can be [2008-06-16 16:14:44] and then once I know what we need I can understand how to do it [2008-06-16 16:14:57] Mike, it sounds like you are getting a SAML assertion, then binding to an LDAP server (presumably using some username/pw, or anon), and then searching for the SAML assertion digest in the LDAP server [2008-06-16 16:15:05] what we're doing is completely different [2008-06-16 16:15:21] right now we have several classes wrapping saml - and I want only one - but need to know what you need it to do [2008-06-16 16:15:26] http://pastebin.com/m41a7e99d [2008-06-16 16:15:55] oh, all we need to do is have a class that we can feed a SAML assertion to (in the class's ctor) [2008-06-16 16:15:59] Jim - I know what we do now is different - and I never liked what we do now - but ... [2008-06-16 16:16:05] and then use it to read the subject [2008-06-16 16:16:17] and also re-serialize the assertion [2008-06-16 16:16:25] yeah that's what the util classes do [2008-06-16 16:16:31] yes [2008-06-16 16:16:39] so yeah, all we need is what those util classes are doing [2008-06-16 16:16:39] mike have you looked at the pastebin? [2008-06-16 16:16:47] need to know a) why what we do now wont work for this case b) whether the new way can replace what we do now c) how to do the new thing [2008-06-16 16:16:57] are there sts pieces that can do the same.. simply parse saml and get fields out of it ? [2008-06-16 16:17:34] mike, maybe you should explain "what we do now" [2008-06-16 16:17:41] yes please [2008-06-16 16:17:49] AuthNDigestMaterials? [2008-06-16 16:17:58] and mike, have you looked at the pastebin?" [2008-06-16 16:18:29] yes - so you need to pull the subject out of the assertion but still need to pass the assertion? [2008-06-16 16:18:37] QUIT MikeMc_ [2008-06-16 16:18:37] bingo [2008-06-16 16:18:52] what we do now == [2008-06-16 16:19:29] take a SAML Assertion and extract some part(s) of it and sha1 it and then look up the user that matches [2008-06-16 16:19:31] if "we" means sts, there is no sts involved in what we're doing [2008-06-16 16:19:50] that is how personal cards work with IdAS now [2008-06-16 16:20:39] ok, so that's kind of the poor man's way of doing it. and we happen to have a backend ldap server that lets us actually bind with a saml assertion [2008-06-16 16:20:56] which is nice because then the ldap server takes care of everything [2008-06-16 16:21:07] we don't need to set up a least privileged user [2008-06-16 16:21:26] ok - I like this better if it can be made to work across the various platforms [2008-06-16 16:21:30] so, I think we need to allow both ways to happen [2008-06-16 16:21:40] various platforms? [2008-06-16 16:21:49] I highly doubt it can be made to work with all other ldap servers [2008-06-16 16:21:49] ldap platforms [2008-06-16 16:21:57] it'll work for every LDAP server that implements that SASL method [2008-06-16 16:21:59] this is a little too cutting edge I think [2008-06-16 16:22:05] just like every other SASL method [2008-06-16 16:22:25] right, I doubt there's *any* SASL mechanism that works with *every* LDAP server [2008-06-16 16:23:06] I am concerned about our lack of support resources and building functionality that only works rarely and having to support the decision of when to use what seems burdensome when the old way works across all servers [2008-06-16 16:23:48] but this is a deployment thing [2008-06-16 16:24:01] all of our support problems are deployment things [2008-06-16 16:24:10] so, you want the JNDI CP to pull apart the SAML assertion like the STS does? [2008-06-16 16:24:12] so, what are you saying? [2008-06-16 16:24:29] that won't work anyway [2008-06-16 16:24:35] you want to restrict what people can do because it only works when deploying against some servers? [2008-06-16 16:24:57] the AuthNDigest only works if the LDAP server has had it's schema extended and hashes stored so the lookup works [2008-06-16 16:24:58] I am saying I like the SASL way but would like to get a better idea how to use it in more places [2008-06-16 16:25:14] that's up to LDAP server implementors [2008-06-16 16:25:28] so, we would need to write a spec, and get the community to adopt it [2008-06-16 16:25:42] all we can do is say we support that mechanism for LDAP servers who have implemented it [2008-06-16 16:25:49] as it is, I don't even see *any* SASL mechanisms listed with IANA [2008-06-16 16:25:50] http://www.iana.org/assignments/sasl-mechanisms [2008-06-16 16:25:55] that's the case w/ a lot of LDAP extensions as well [2008-06-16 16:26:01] I mean SAML SASL mechs [2008-06-16 16:26:10] can you write up a description of how to configure OpenLDAP to support this? [2008-06-16 16:26:16] no [2008-06-16 16:26:17] QUIT nairbreklew [2008-06-16 16:26:21] because they don't! [2008-06-16 16:26:30] we'd have to write the OpenLDAP code [2008-06-16 16:26:39] if they did, they'd have to document how to do it. [2008-06-16 16:26:45] and get Kurt Z or whoever to commit it [2008-06-16 16:27:01] even support for the same functionality in different LDAP servers isn't the same configuration. [2008-06-16 16:27:02] what ldap server does support it? only NDS? [2008-06-16 16:27:15] perhaps -- I haven't looked around [2008-06-16 16:27:15] no, only eDirectory [2008-06-16 16:27:25] that I know of (diffferent from NDS btw) [2008-06-16 16:27:45] it hasn't been registered with IANA, so I doubt anyone other than eDir does it yet [2008-06-16 16:27:50] though OpenLDAP supports proxy Auth and eDir doesn't [2008-06-16 16:28:00] however, I added support for proxy auth in the JNDI CP [2008-06-16 16:28:01] And I'm not sure why it's not registered with IANA [2008-06-16 16:28:17] it's not OpenLDAPs fault eDir didn't implement it [2008-06-16 16:28:42] it's not even Jim's fault! :) [2008-06-16 16:30:55] it's all my fault [2008-06-16 16:31:15] heh, the point remains the same [2008-06-16 16:31:16] why didn't you register it with IANA? [2008-06-16 16:31:29] I'm going to see what we can do to get this mech registered with IANA and thus get some more people to possibly impl support for it [2008-06-16 16:31:31] yeah, jim, why? :) [2008-06-16 16:31:35] shut it [2008-06-16 16:32:01] people have been talking about doing this for years now [2008-06-16 16:32:12] okay, I'd like to get to the actual topic [2008-06-16 16:32:22] yeah, i don't understand half of what you're saying [2008-06-16 16:32:26] I remember talking to R.L. Bob about it 5 years ago [2008-06-16 16:32:38] if we had generalized SAML code, we could talk about LDAP server crap another day [2008-06-16 16:32:54] I know its something people have discussed but since only one known server impls it why build support for it? [2008-06-16 16:33:05] there's a whole load of LDAP features I'd like to talk about exposing [2008-06-16 16:33:08] dude, we already have support for it [2008-06-16 16:33:12] cuz we want to! [2008-06-16 16:33:32] the point is that doing this the right way means more changes [2008-06-16 16:33:36] we just want the code to be in a reusable palce [2008-06-16 16:33:46] what changes? [2008-06-16 16:33:53] we just want common code to be common [2008-06-16 16:34:02] the sts does a whole bunch of saml crap [2008-06-16 16:34:25] also we probably need to support saml 1.1 and 2.0 right? [2008-06-16 16:34:32] yep [2008-06-16 16:34:35] no one needs to do anything other than define which parts of the SAML code would be nice to pull out to a util project [2008-06-16 16:34:54] markus pretty much had done that [2008-06-16 16:35:09] no one needs to do anything except move code - but we should actually use it [2008-06-16 16:35:15] if the SAML code were already in a util project, we wouldn't even be having this conversation, would we? [2008-06-16 16:35:17] the sts may do it "better" but we don't care, we'd like to see common code [2008-06-16 16:36:31] well my "util" classes are by no means a complete saml 2.0 implementation, they just support those specific pieces that i needed for my project [2008-06-16 16:36:50] and the saml 1.0 stuff I did does even less! [2008-06-16 16:36:54] for the same reason [2008-06-16 16:36:58] they don't support attributes for ex. [2008-06-16 16:36:59] I did only what I needed [2008-06-16 16:37:03] :) [2008-06-16 16:37:21] which, by the pastebin blurb, you'll see isn't much! [2008-06-16 16:37:43] well as i understand, if i correctly use the sts in my saml2 idp, then it would suddenly become a much more complete and better idp [2008-06-16 16:37:53] but I consider what I did very unholy and unsanctified [2008-06-16 16:37:56] that's the whole idea why i'm trying to use it [2008-06-16 16:38:15] is the LDAP server checking the SAML signature and checking whether the SAML IdP Key is trusted? [2008-06-16 16:38:26] yep [2008-06-16 16:39:02] in fact, when we serialize from the util code, we need it to serialize in a kosher way [2008-06-16 16:39:06] so all you really need is a simple function (xpath?) to extrat the NameId from the xml [2008-06-16 16:39:11] otherwise it won't check out on the other side [2008-06-16 16:39:31] for this one moment [2008-06-16 16:40:10] its odd that you need to pass both the subject and the saml since the subject is in the saml [2008-06-16 16:40:13] that and a distinguishable instance type [2008-06-16 16:40:32] what are the certRelyingPartyChain and certStore parameters of TokenRequestFactory.createRequest() ? [2008-06-16 16:40:53] they are used to generate the PPID [2008-06-16 16:40:57] yeah, I didn't ask why they require that. it may be that JNDI is the one that requires a subject name to be specified [2008-06-16 16:41:16] but i'm not dealing with cards so i don't have a ppid [2008-06-16 16:41:37] so I think there is another function for you... [2008-06-16 16:41:52] hmm but i need to somehow create an ISTSRequest, right.. [2008-06-16 16:42:04] the SAML assertions we're talking about here are not cardspace assertions either [2008-06-16 16:42:38] "i'm not dealing with card" .. what a great sentence :) [2008-06-16 16:43:20] I liked that too [2008-06-16 16:43:42] I'm not dealing with a full deck, but you're not even dealing with *any* cards! [2008-06-16 16:43:47] as i understand, i need to 1. create an ISTSRequest, 2. call ISecurityTokenService.invoke() and 3. call ISTSRespones.getRequestSecurityTokenResponseCollection(), and then magically i will have a SAML 2.0 response [2008-06-16 16:45:26] which is cooler than what i'm doing now, because it supports full SAML 2.0, not just the hacky version i have now [2008-06-16 16:45:44] but i just don't get all the parameters of the sts methods involved [2008-06-16 16:46:23] ok - checking in a fix that does not need those two params [2008-06-16 16:46:57] ok [2008-06-16 16:46:59] next question [2008-06-16 16:47:06] what's the base64Extension ? [2008-06-16 16:47:40] because there is no standard way to base64 encode/decode data in java - I had to create a way to does it [2008-06-16 16:48:02] oh ok so that's not request specific [2008-06-16 16:48:28] no - its just the service that does it [2008-06-16 16:48:56] uriTokenService is the URI where my IdP endpoint is running? and uriRelyingParty is the URI where i'm going to POST back the response? right? [2008-06-16 16:49:13] the base64extension is also getting pulled out of the interface [2008-06-16 16:49:15] QUIT sourcerer [2008-06-16 16:49:26] would be nice to have the base64 stuff in a util area too. I have b64 encode/decode crap in idas too [2008-06-16 16:49:51] sad when we have duplicate code in one eclipse proj :( [2008-06-16 16:50:05] why not just use commons codec and spare people the headache of why there's an extra interface and parameter? :) [2008-06-16 16:50:08] the uriTokenService is EITHER - the location of a WS-Trust endpoint - OR - the name of the local STS [2008-06-16 16:50:33] is the commons codec in the redist yet - its wasn't before [2008-06-16 16:50:50] yes i think it is [2008-06-16 16:50:56] commons-codec-1.3.jar [2008-06-16 16:51:08] ok - I'll remove that then [2008-06-16 16:51:24] the "name" of the local sts ? [2008-06-16 16:51:26] what name [2008-06-16 16:52:38] to support multi-issuer each issuer has a name - and a key - I can make one process serve more than one STS issuer [2008-06-16 16:53:03] its just a URI that needs to match a in the configuration of the STS [2008-06-16 16:53:18] PART #higgins [2008-06-16 16:54:36] the setting called "TokenServiceIssuerURI" ? [2008-06-16 16:55:10] yes probably [2008-06-16 16:55:38] i basically copied the sts configuration from one of your sample project.. i don't really understand all of it [2008-06-16 16:56:16] yes that is the setting [2008-06-16 16:56:19] so then there's the invoke() method.. i guess there's not too much i can do wrong there [2008-06-16 16:56:36] no - its pretty simple at that point [2008-06-16 16:57:06] do i need mapComponentSettings and mapInvocationSettings? [2008-06-16 16:57:13] or is mapGlobalSettings enough [2008-06-16 16:58:31] I think you may need both [2008-06-16 16:58:58] btw - what static function do I use in the commons codec to base64 ? [2008-06-16 16:59:16] Base64.encodeBase64() [2008-06-16 16:59:25] Base64.decodeBase64() [2008-06-16 16:59:29] why does it return byte []? [2008-06-16 16:59:38] how to turn that into string? [2008-06-16 16:59:55] don't know, i think you just put it into new String(Base64.encodeBase64(...)) [2008-06-16 17:01:09] and i think you do Base64.decodeBase64(myString.getBytes()) [2008-06-16 17:01:52] so how do i get mapComponentSettings and mapInvocationSettings [2008-06-16 17:02:12] don't the clinet samples show how? [2008-06-16 17:02:29] hmm they probably do [2008-06-16 17:02:50] i'm just not used to deal with configuration things outside of configure() [2008-06-16 17:02:53] actually they just pass null [2008-06-16 17:03:06] so so can you [2008-06-16 17:03:17] ok [2008-06-16 17:04:01] and when invoke() is done, i call ISTSResponse.getRequestSecurityTokenResponseCollection() to get my saml response? is that right ? [2008-06-16 17:05:39] yes - see the sample code [2008-06-16 17:06:36] yeah i think i get it [2008-06-16 17:06:38] cool [2008-06-16 17:07:11] at some point what i need to do is get a saml response for a user that does not exist in any idas context, and for whom i don't even have a password [2008-06-16 17:07:25] but that's not urgent [2008-06-16 17:07:34] i'll try to get the standard case working first [2008-06-16 17:07:46] ok - we can work out how that can happen [2008-06-16 17:08:50] but i still need my util classes to parse the saml authnrequest [2008-06-16 17:09:45] so what should happen with them [2008-06-16 17:09:52] yes - we'll need to address that shortly [2008-06-16 17:11:14] i guess for now i should move my saml2idp.saml2 things to tom's util.saml project [2008-06-16 17:11:32] right now we have util classes in both [2008-06-16 17:11:56] tom? jim? you still awake? [2008-06-16 17:12:20] did someone say my name? [2008-06-16 17:12:37] go ahead and move them and if we need to change them we'll coordinate with them [2008-06-16 17:12:46] yeah, I'm all for moving useful reusable code to the util.* projects [2008-06-16 17:13:11] ok [2008-06-16 17:13:24] actually that means eventually everything accept a few things will be in projects with reduntant util name [2008-06-16 17:13:38] :) [2008-06-16 17:13:45] better one saml util project than two [2008-06-16 17:14:05] catching up [2008-06-16 17:14:11] for now put it there but suspect a place for all token types might be in order [2008-06-16 17:14:31] yeah, okay [2008-06-16 17:14:39] ok so i'll try to move my saml2 wrappers to tom's saml wrappers [2008-06-16 17:14:41] and feel free to blow away what I've put out there [2008-06-16 17:14:49] if needed [2008-06-16 17:14:52] did you change any of the classes i made? or just added new ones? [2008-06-16 17:15:11] I think I just added new ones built on your basics [2008-06-16 17:15:16] k [2008-06-16 17:15:28] XMLElement etc. [2008-06-16 17:15:33] idas.api now has a dependency on that, right? [2008-06-16 17:15:37] on the util.saml [2008-06-16 17:15:39] I don't remember for sure but I don't think I modified the basic [2008-06-16 17:15:40] s [2008-06-16 17:15:52] uh, no, I don't think so [2008-06-16 17:15:54] well i'll find out if anything doesn't work [2008-06-16 17:16:04] oh, on SAML2 [2008-06-16 17:16:05] yes [2008-06-16 17:16:38] we can get rid of that dependency based on how I did the SAML1 stuff [2008-06-16 17:16:45] after we have the SAML2 in util [2008-06-16 17:16:58] hmm [2008-06-16 17:17:00] how do you "delete" a project from higgins [2008-06-16 17:17:09] the saml2idp.saml after i'm done [2008-06-16 17:17:43] just delete the folder in svn ? [2008-06-16 17:19:17] not sure [2008-06-16 17:19:59] I think that's right Markus [2008-06-16 17:20:13] ok [2008-06-16 17:20:22] if you use the SVN Repository Browsing view in eclipse it works well [2008-06-16 17:20:40] yes i've done that before [2008-06-16 17:21:17] so [2008-06-16 17:21:57] i think i know what to do to move ahead: 1. move util classes from saml2idp.saml2 to util.saml, and 2. get sts to work in my project [2008-06-16 17:21:59] anything else to talk about [2008-06-16 17:22:20] ? [2008-06-16 17:25:30] not that I can think of [2008-06-16 17:25:43] sounds good to me [2008-06-16 17:26:05] JOIN #higgins :rcjsuen!n=rcjsuen@auth2-85.uwaterloo.ca JOIN :#higgins [2008-06-16 17:26:07] k i'll write a few notes to the list [2008-06-16 17:26:17] coll [2008-06-16 17:26:18] cool [2008-06-16 17:26:20] :) [2008-06-16 17:26:47] damn we lost against germany 0:1 today in soccer [2008-06-16 17:26:51] we're out of the tournament now [2008-06-16 17:26:55] euro 2008 [2008-06-16 17:27:06] austria? [2008-06-16 17:27:10] yeah [2008-06-16 17:27:16] but we always lose [2008-06-16 17:27:19] so no big surprise :) [2008-06-16 17:27:43] heh, that isn't also part of a world cup qualifier is it? [2008-06-16 17:27:54] no - euro championship [2008-06-16 17:27:58] south america is starting their qualifiers already [2008-06-16 17:28:03] its every four years [2008-06-16 17:28:18] ah [2008-06-16 17:28:18] US won its first qualifier yesterday [2008-06-16 17:28:26] oh cool [2008-06-16 17:28:37] 8 - 0 vs. Barbados ;-) [2008-06-16 17:28:45] hmm not sure how euro and world cup are related [2008-06-16 17:28:50] not at all [2008-06-16 17:29:05] I wondered if the euro champ might get qual. points or something ... guess not [2008-06-16 17:29:10] no [2008-06-16 17:29:31] Greece won last time and didn't even qualify for WC [2008-06-16 17:29:33] but austria is hosting the event, so every day i get out of the door, the streets are filled with fans of some other nationality [2008-06-16 17:30:26] one day croatians, next day poles, next day turks, etc [2008-06-16 17:30:29] fun [2008-06-16 17:30:36] cool [2008-06-16 17:31:58] go Croatia! [2008-06-16 17:32:43] in fact we're so bad that hosting the event is our only chance of ever participating in it (hosting countries are automatically qualified) [2008-06-16 17:33:00] same for swiss [2008-06-16 17:33:41] so traditionally every time we're out of some tournament we simply cheer for anyone who beats the germans [2008-06-16 17:35:40] gotta go - ttyl [2008-06-16 17:35:54] actually when is the final? [2008-06-16 17:36:05] I will be in Croatia for two weeks starting Saturday [2008-06-16 17:36:16] june 29th in vienna [2008-06-16 17:36:28] come and visit me if you have time [2008-06-16 17:36:58] I'd love to - but will be at a wedding that day - I hope there is a telivision [2008-06-16 17:37:00] PART #higgins [2008-06-16 17:58:18] JOIN #higgins :danie1!n=dsanders@nat/novell/x-0a56b164b7231843 JOIN :#higgins [2008-06-16 18:21:54] QUIT paul_ [2008-06-16 18:48:13] QUIT Duane [2008-06-16 18:58:20] JOIN #higgins :paul_!n=chatzill@209-6-146-143.c3-0.bkl-ubr1.sbo-bkl.ma.cable.rcn.com JOIN :#higgins [2008-06-16 19:14:37] QUIT tdoman [2008-06-16 19:32:47] Markus, you still around? [2008-06-16 19:45:24] QUIT peace-keeper [2008-06-16 19:49:59] JOIN #higgins :peace-keeper!n=peace-ke@chello084114169104.2.15.vie.surfer.at JOIN :#higgins [2008-06-16 19:58:54] QUIT Jimse [2008-06-16 20:43:24] JOIN #higgins :Jimse!n=jimse@209.41.70.50 JOIN :#higgins [2008-06-16 20:47:08] QUIT peace-keeper [2008-06-16 20:52:41] QUIT rcjsuen [2008-06-16 21:30:46] JOIN #higgins :rcjsuen!n=rcjsuen@bas6-kitchener06-1177622216.dsl.bell.ca JOIN :#higgins [2008-06-16 21:34:16] QUIT Jimse [2008-06-16 21:34:20] JOIN #higgins :Jimse!n=jimse@209.41.70.50 JOIN :#higgins [2008-06-16 22:14:57] JOIN #higgins :KOS-MOS!n=KOS-MOS@ecf.eclipse.org JOIN :#higgins [2008-06-16 22:38:05] JOIN #higgins :nairbreklew!n=chatzill@66-168-115-207.dhcp.oxfr.ma.charter.com JOIN :#higgins [2008-06-16 22:53:55] QUIT paul_ [2008-06-16 23:20:44] QUIT gambler [2008-06-16 23:20:50] QUIT rcjsuen [2008-06-16 23:23:16] JOIN #higgins :gambler!n=orion@124-171-170-188.dyn.iinet.net.au JOIN :#higgins