IRC Logs for #circuits Saturday, 2017-02-11

GitHub86[circuits] spaceone closed pull request #224: Add HTTP 308 moved permanently (RFC 7538) (master...patch-3)
GitHub65[circuits] spaceone pushed 1 new commit to master:
GitHub65circuits/master 351410d Jim Scarborough: Add HTTP 308 moved permanently (RFC 7538) (#224)22:15
spaceoneprologic: apollo13: I implemented a SAML service provider library in circuits.http22:37
apollo13holy shit, that is all saml needs?22:38
apollo13I thought it would be a more complex beast22:38
spaceonewell, the identity provider is more complex22:38
spaceoneof course this uses the library pysaml222:38
spaceonemaybe one day i have enough time to also implement a identity provider22:40
apollo13Imo there are already plenty of tools out there for that22:40
apollo13unless you are bored :D22:40
spaceonei don't recommend to use it currently because pysaml2 uses xmldsig which is currently culnerable to XEE attacks22:41
apollo13I wanna try
spaceonei want to implement oAuth as well22:42
apollo13ah it uses libxmlsec, then defusedxml will obviously not help either :D22:42
spaceoneSAML needs cookies, and i hate cookies22:42
apollo13how are you going to track login status if not with cookies22:42
spaceonei personally always use http authentication22:43
apollo13a well, UX sucks there22:43
spaceonethats what i hate at the W3C22:43
apollo13well I can keep around the UI, but UX is horrible (user experience)22:43
spaceonethey care about how buttons look but not that you can add a simple login dialog in your website22:43
apollo13if you do oauth: oauthlib is quite good22:44

Generated by 2.14.0 by Marius Gedminas - find it at!