Service provider implementation with SAML 2 and Java


If you need to build an SP in Java I would recommend using the Spring SAML module or the OpenSAML library, but these may give you more work. If you end up using OpenSAML, I have a book, A Guide to OpenSAML, introducing SAML and the OpenSAML library.

I also have a blog with many examples.

I would however recommend that you first look into using a ready product for SAML like Shibboleth which is a free and open source solution for SAML. This will save you from needing to learn the specifics of the SAML protocol and also it will be much safer as different security considerations have already been made by the developers.

Author by

Admin

Updated on June 17, 2022

Comments

  • Admin
    Admin about 2 years

    After going through so many Google sites and reading so many Q&As on Stack Overflow, I am really getting confused about how to implement an SP using SAML 2 with Java.

    I understand the theoretical concept but have no clue how to implement it exactly.

    Currently, my client has already shared the IDP metadata file with me and is asking for the SP metadata file. This is my first struggling point.

    1. How do I actually generate metadata files? Is there a tool to generate them?
    2. How do I implement SAMLRequest generation and SAMLResponse parsing using Java libraries?
    3. People recommend so many publicly available sites which support IDP and SP functionality, but I have not been able to choose the right one to proceed. I need a specific example of a Service Provider implementation in Java with SAML 2.

    I would really appreciate it if somebody could help me in this context. Please correct me if my questions are not clear so that I can try to edit them.

  • Admin
    Admin almost 9 years
    Thank you Stefan... I read your replies to other questions also. The client is specifically asking me to use OpenSAML (I am not sure why...) so I am looking for some sample implementations of that... I will work as you suggested.
  • judielaine
    judielaine over 8 years
    OpenSAML is well tested and interoperable code. You are likely to get signing and encryption done in an interoperable manner with an existing library, and OpenSAML is used fairly widely. Shibboleth is developed by the same group that makes OpenSAML and you can see their code at wiki.shibboleth.net/confluence/display/DEV/Source+Code+Access
  • Stefan Rasmusson
    Stefan Rasmusson over 8 years
    OK, good luck. My book is based on an example implementation of a SAML SP I have on GitHub.