...
The SAML Assertion could be modeled as a Base64 encoded String so that a more complex object need not be passed across the classloader boundary (with all those attendant classloader issues) between portal and portlet. If done carefully this should preserve the validity of any signatures and allow the portlet to reconstruct the assertion.
Portlet Client Library
There's now a child page for exploring this library.
- Need an HTTP client API allowing access to WSPs while handling authentication internally
- Client stack needs support for TLS client and server authentication, cookies, and whatever features WSPs would impose
- Internals must support detection of ECP requests, Liberty-defined interactions with IdP, and handling ECP responses