Tuesday, September 9, 2014

OpenSAML book release!

After many late nights and tedious editing, I have finished my book on OpenSAML,  based on my experiences working with the OpenSAML library. A Guide to OpenSAML is a short book that introduces SAML, the SAML Web Browser Profile and the use of OpenSAML.

The book has three parts, the first of which introduces SAML, SAML Web Browser Profile and OpenSAML. The next part goes deeper into explaining the Web Browser Profile more in detail and shows an example on how to implement it using OpenSAML. The last part explains and shows examples on how to use some of the security functions in OpenSAML, like signatures and encryption.

The SAML Web Browser Profile is flexible and can be used in many different ways. The book shows the SAML Web Browser Profile with the following configurations:

  • SP initiated Single Sign-On
  • Authentication request using HTTP Redirect Binding
  • Assertion transported using HTTP Artifact Binding
  • SAML Artifact transported using HTTP Redirect Binding
  • Artifact resolution using SOAP Binding

The book explains the interaction from the Service Provider’s point of view. The implementation of the Identity Provider is not covered in this book.

The package contains the book in PDF format, three different e-reader formats(EPUB, MOBI, AZW3) and a sample project showing OpenSAML in action.


  1. Stefan, I have bought your book and am in the process of reading it. The identify provider I need to work with wants to use http post end points and no artifacts. Do you know of some examples I can look at for that? Thanks

  2. Hello, I purchased your book and am attempting to hook up an identity provider with my existing service provider. Do you know if there is any reason why the identity provider would not work with my service provider assuming it is configured correctly?

    1. There can be all sorts of reasons. I would start checking for error messages on the SP and IDP