Skip to content

Latest commit

 

History

History
29 lines (24 loc) · 1.51 KB

README.md

File metadata and controls

29 lines (24 loc) · 1.51 KB

openconext-samlidp-libjava

JAVA CI codecov.io

The main interface of the SAML library is SAMLService. It provides the following functionality for service / identity providers:

  • create an (optionally signed) org.opensaml.saml.saml2.core.AuthnRequest
  • construct the SP metadata
  • parsing SAML to an org.opensaml.saml.saml2.core.AuthnRequest
  • sending SAML response back to the Service Provider
  • construct the IdP metadata
  • resolve the SigningCredential of a Service Provider based on the metadata URL

The saml-java library uses a private RSA key and corresponding certificate to sign the SAML requests. If you want to deploy the application in an environment where the certificate needs to be registered with the Service Provider (Proxy) then you can generate a key pair with the following commands:

openssl genrsa -traditional -out saml_idp.pem 2048
openssl req -subj '/O=Organization, CN=SURF/' -key saml_idp.pem -new -x509 -days 365 -out saml_idp.crt

If you need to register the IdP public key somewhere then issue this command and copy & paste it for the correct IdP:

cat saml_idp.crt |ghead -n -1 |tail -n +2 | tr -d '\n'; echo