Creating SAML identity assertion in Spring web app

Submitted by 前提是你 on 2019-12-13 02:12:22

Question


We have a Spring web app, and a third-party application which needs to know which user is logged in to the Spring application. Once the user is logged in to the Spring app, he will have the possibility to access the third-party app in a transparent manner. For that purpose, we have to use SAML (the third-party app needs it). So the Spring web app will work as an IDP, in an IDP-initiated way.

I found the OpenSAML library, and this: http://blog.keksrolle.de/2010/07/27/how-to-create-a-valid-saml-2-0-assertion-with-opensaml-for-java.html

It shows an example of how to create SAML assertions, but I am having some difficulty finding extra documentation about creating a custom IDP...

So are there other tools than OpenSAML that could help us? Or samples?

I also found Shibboleth, but not sure if it can help in this particular case...

Thx


Answer 1:


OpenSAML is the best (and possibly the only) Java library which simplifies low-level handling of SAML messages. You can find examples of how to use it to implement SAML IDP/SP components in the source code of products like Shibboleth or Spring SAML. You can also find some examples in this blog.

Writing a very simplistic IDP covering only your particular use-case directly with OpenSAML is probably the best way to go. Integrating Shibboleth is (imo) the close second best option, but it's far from trivial.



Source: https://stackoverflow.com/questions/28030031/creating-saml-indentity-assertion-in-spring-web-app
