Creating SAML objects This is implementations of some of the methods in the SAMLUtil class referenced in other examples. OpenSAML has a bit struggling way to create SAML objects using a factory pattern. The normal way to create a SAML object is like this. 1XMLObjectBuilderFactory builderFactory = …

For all cryptographic functions OpenSAML requires a Credential which is a basically a cryptographic key wrapped in an object. The Credential can contain either an symmetric key or an asymmetric key not both. The Credential can be created manually with BasicX509Credential and BasicCredential classes and then populated …

In my case the, after the sign on at the IdP is completed, the user is redirected to my `Assertion Consumer Service URL defined in meta data. The IdP sends an artifact back as a parameter.The artifact is a label pointing to the actual user data/login information(the assertion) at the IdP. The user data is not sent in …

To logout an user from the SP an LogoutRequest is sent. The data needed about the user is the SessionIndex and NameID from the data recived at login. I my case in the Assertion in the Artifact Resolve Response. 1//IPR Ergogroup AS 2public static void doSynchronousLogout(final HttpSession sessionToLogout, final …

In this post I will show you how to start the SAML Single sign-on process by sending a authentication request using OpenSAML. The process starts with a redirect from the SP(The one wanting to authenticate someone) to the IdP(The one authenticating). To start the authentication the SP sends a SAML AuthnRequest as …

Information and example on how to sign and send authnrequests in OpenSAML