Currently, we've hijacked bits of the SSP web interface to do the actual consumption of SAML assertions, but that's limiting what we can do with multisite because we have to bend to several of SSP's assumptions about how things are organized (namely, storing certificates in files).
There may be some lower-level methods within SSP that can be used to parse assertions while still allowing us to customize other parts of the workflow.
Currently, we've hijacked bits of the SSP web interface to do the actual consumption of SAML assertions, but that's limiting what we can do with multisite because we have to bend to several of SSP's assumptions about how things are organized (namely, storing certificates in files).
There may be some lower-level methods within SSP that can be used to parse assertions while still allowing us to customize other parts of the workflow.
Doing this would probably also fix https://github.com/ktbartholomew/saml-20-single-sign-on/issues/2