For all cryptographic functions OpenSAML requires a Credential which is a basically a cryptographic key wrapped in an object. The Credential can contain either an symmetric key or an asymmetric key not both. The Credential can be created manually with BasicX509Credential and BasicCredential classes and then populated …

In my case the, after the sign on at the IdP is completed, the user is redirected to my `Assertion Consumer Service URL defined in meta data. The IdP sends an artifact back as a parameter.The artifact is a label pointing to the actual user data/login information(the assertion) at the IdP. The user data is not sent in …

To logout an user from the SP an LogoutRequest is sent. The data needed about the user is the SessionIndex and NameID from the data recived at login. I my case in the Assertion in the Artifact Resolve Response. 1//IPR Ergogroup AS 2public static void doSynchronousLogout(final HttpSession sessionToLogout, final …