Skip to content

A JAVA library for implementing a minimal SAML IdP for connecting to Openconext-Engineblock

Notifications You must be signed in to change notification settings

OpenConext/openconext-saml-java

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

openconext-samlidp-libjava

JAVA CI Coverage Branches

The 3.0.0. release now uses the latest tomcat-embed-core which is compliant with Spring Security 6. All references to javax.servlet.http.HttpServletResponse have been replaced with jakarta.servlet.http.HttpServletResponse.

The main interface of the SAML library is SAMLService. It provides the following functionality for service / identity providers:

  • create an (optionally signed) org.opensaml.saml.saml2.core.AuthnRequest
  • construct the SP metadata
  • parsing SAML to an org.opensaml.saml.saml2.core.AuthnRequest
  • sending SAML response back to the Service Provider
  • construct the IdP metadata
  • resolve the SigningCredential of a Service Provider based on the metadata URL

The saml-java library uses a private RSA key and corresponding certificate to sign the SAML requests. If you want to deploy the application in an environment where the certificate needs to be registered with the Service Provider (Proxy) then you can generate a key pair with the following commands:

openssl genrsa -traditional -out saml_idp.pem 2048
openssl req -subj '/O=Organization, CN=SURF/' -key saml_idp.pem -new -x509 -days 365 -out saml_idp.crt

If you need to register the IdP public key somewhere then issue this command and copy & paste it for the correct IdP:

cat saml_idp.crt |ghead -n -1 |tail -n +2 | tr -d '\n'; echo

About

A JAVA library for implementing a minimal SAML IdP for connecting to Openconext-Engineblock

Resources

Stars

Watchers

Forks

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages