Hello.
I have just been given the task of adding to our web site the ability to accept SAML-based SSO requests from our clients, whereby our web site would be the service provider, and I have been looking for libraries that would make the task easier. (In the past I have written a similar implementation from scratch for a previous company, but it was specific for one client, not generalized.)
It looks like OpenSAML will the perfect solution.
I have downloaded the source and binaries for OpenSAML 2.3.1, and have been reading the user's manual at https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManual. I must admit to being quite confused.
The first example in the user's manual uses class BasicParserPool in package org.opensaml.xml.parse, but I can't seem find this package or even org.opensaml.xml . I browsed the jar file and the source and I just don't see it.
What am I missing?
Thanks,
---Mark
It looks like OpenSAML will the perfect solution.
I have downloaded the source and binaries for OpenSAML 2.3.1, and have been reading the user's manual at https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManual. I must admit to being quite confused.
The first example in the user's manual uses class BasicParserPool in package org.opensaml.xml.parse, but I can't seem find this package or even org.opensaml.xml . I browsed the jar file and the source and I just don't see it.
The discussion on the Shibboleth list was actually about a person using
the Spring Security SAML module so that might be an option. There is
also oiosaml which is based on OpenSAML. Both are native Java but I
can't vouch for the completeness or security rigor of either one.
On 1/10/11 1:50 PM, Mark Barnes wrote:
> Thank you for your response, Scott.
>
> I am looking at Shibboleth SP now.
>
> One of the first things I noted is that, when using Java Servlets, the
> use of Apache is required. We don't use Apache. I'm not sure if we can
> make that switch or not.
>
> Are there any examples of using OpenSAML directly by the service itself
> that you can point me to?
>
> ---Mark
>
> *From:*mace-opensaml...@internet2.edu
> [mailto:mace-opensaml...@internet2.edu] *On Behalf Of
> *Cantor, Scott E.
> *Sent:* 07 January, 2011 8:51 PM
> *To:* <mace-open...@internet2.edu>
> *Cc:* mace-open...@internet2.edu
> *Subject:* Re: [OpenSAML] Questions - Just starting out with OpenSAML
>
>
> On Jan 7, 2011, at 8:24 PM, "Mark Barnes" <Mark....@rightthinginc.com
--
Chad La Joie
http://itumi.biz
trusted identities, delivered
There are a handful of implementations mentioned in the wiki, I believe. They may or may not prove to be a good fit, and I don't know much about them at the lower levels of detail. I rather suspect you'd be much better off enhancing one of them than starting over, though.
-- Scott
What you're seeing is a classpath issues. Be sure that all the jars
bundled with opensaml are on the classpath. In particular the xmlsec
jar contains the class you're seeing in the error. I have no experience
with WebLogic so I have no idea how you do that.
Also, in regards to endorsement, you should only have the jars located
in the "endorsed" directory that comes with OpenSAML within your
JVM/container endorsed directory. Copying everything over is not a good
thing and will likely lead to other errors.