Release Notes

SAML 1.1 Java Toolkit 2.0

This project represents the first release of Ping Identity's SAML-1.1 implementation. This implementation of SAML-1.1 provides toolkit level support for the web browser SSO profiles of SAML (Artifact & POST) as well as the SAML protocol SOAP binding.

The toolkit provides integration points in the form of APIs and interfaces that enable you to plug in your application and its specific business logic to the SAML-1.1 implementation.

A simple demo application has been provided which demonstrates how to integrate the SAML-1.1 toolkit into your custom application. It contains examples of some toolkit API usage and interface implementations showing toolkit integration in the context of a basic Java web application. Example integration implementations have been provided for both the Artifact and POST web browser SSO profiles. Example integration implementations of SAML protocol SOAP bindings for attribute queries and assertion id reference requests have also been provided.

Change Log

  • N/A

Setup / Installation

To build SAML 1.1 Java Toolkit 2.0, you'll need:

  • Windows XP or Linux (kernel 2.4.2+)
  • Java JDK 1.4.2
  • JBoss 3.2.5
  • Ant 1.6.2

  1. Unzip the source archive into a work directory
  2. Go to the SAML_1.1_Java_Toolkit_2.0 directory:
    1. Edit the "build.local.properties" file; set the "jboss.dir" property to point to the directory where JBoss is installed
    2. After editing "build.local.properties" file, copy it to the Infrastructure directory
  3. From the SAML_1.1_Java_Toolkit_2.0 directory run "ant demo-deploy"
  4. Enable SSL in JBoss. In ${jboss.server.dir}/deploy/jbossweb-tomcat50.sar/server.xml uncomment the SSL connector and add/change the keystore and truststore parameters as follows:

    <Connector port="8443" address="${jboss.bind.address}"
      maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
      scheme="https" secure="true" clientAuth="false"
      keystoreFile="${jboss.server.home.dir}/conf/sourceid.keystore"
      keystorePass="changeit"
      truststoreFile="${jboss.server.home.dir}/conf/sourceid.keystore"
      truststorePass="changeit"
      sslProtocol="TLS"/>

  5. Optionally disable the verbose logging of the SourceID workflow engine by adding the following to the ${jboss.server.dir}/conf/log4j.xml file right above the configuration for the root logger:

    <category name="org.obe">
      <priority value="WARN"/>
    </category>

  6. Start JBoss.

At this point, the Demo application using the SourceID SAML 1.1 - Java Toolkit 2.0 should be deployed and ready to use (assuming JBoss is running). You can access the Demo application by going to:

http://localhost:8080/sourceid-saml-demo/

The page has links to the AP demo application and the RP demo application as well as a link to a page that demonstrates some SAML protocol SOAP binding.

On the AP login page you can use the following username/password: joe / test

On the RP login page you can use the following username/password: joe123 / test

Please note that the default deployment of the SAML-1.1 demo application server acts as both AP and RP.
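
A check for the SSL connector from step 4 above, added here as an example (it is not part of the toolkit or of the original release notes). The `<Server>`/`<Service>` wrapper, the port 8080 connector and the function name `audit_ssl_connectors` are assumptions; the sample input is constructed from the connector shown in step 4.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the connector from step 4, wrapped in a minimal <Server>
# skeleton (the surrounding elements are an assumption, not the real server.xml).
SAMPLE_SERVER_XML = """<Server>
  <Service name="jboss.web">
    <Connector port="8080" address="${jboss.bind.address}"/>
    <Connector port="8443" address="${jboss.bind.address}"
      maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
      scheme="https" secure="true" clientAuth="false"
      keystoreFile="${jboss.server.home.dir}/conf/sourceid.keystore"
      keystorePass="changeit"
      truststoreFile="${jboss.server.home.dir}/conf/sourceid.keystore"
      truststorePass="changeit"
      sslProtocol="TLS"/>
  </Service>
</Server>"""

DEMO_PASSWORD = "changeit"  # password shown in the release notes' connector


def audit_ssl_connectors(server_xml: str) -> list[str]:
    """Return findings for every HTTPS <Connector> in a server.xml string."""
    findings = []
    root = ET.fromstring(server_xml)  # XML comments are skipped by the parser
    https = [c for c in root.iter("Connector") if c.get("scheme") == "https"]
    if not https:
        return ["no HTTPS connector enabled (SSL connector still commented out?)"]
    for c in https:
        port = c.get("port", "?")
        if c.get("secure") != "true":
            findings.append(f"port {port}: secure is not 'true'")
        for attr in ("keystoreFile", "truststoreFile"):
            if not c.get(attr):
                findings.append(f"port {port}: {attr} is not set")
        for attr in ("keystorePass", "truststorePass"):
            if c.get(attr) == DEMO_PASSWORD:
                findings.append(f"port {port}: {attr} is the demo password")
        if c.get("keystoreFile") and c.get("keystoreFile") == c.get("truststoreFile"):
            findings.append(f"port {port}: keystoreFile and truststoreFile point to the same file")
    return findings


if __name__ == "__main__":
    for line in audit_ssl_connectors(SAMPLE_SERVER_XML):
        print(line)
```

Run against the demo connector as shown, it reports both `changeit` passwords and the shared keystore/truststore file; a server.xml whose SSL connector is still commented out yields the single "no HTTPS connector" finding.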

Known Defects

No known defects at this time.

Additional Notes

  • Integrating with the toolkit
    A simplistic demo application has been provided which demonstrates how to integrate the SAML-1.1 toolkit into your custom application. In general you should refer to the demo application for examples of the necessary steps involved. The main step in integration involves implementing a few interfaces that adapt your application to the toolkit. These interfaces and their supporting classes can be found in the org.sourceid.saml11.adapter package and its sub-packages. The example implementations in the demo can be found in the org.sourceid.saml11demo.ap.adapter and org.sourceid.saml11demo.rp.adapter packages, and are configured in the sourceid-core-config.xml file. To generate javadoc on the adapter interfaces run "ant doc-public-toolkit-apis" from the SAML_1.1_Java_Toolkit_2.0 directory.

Manifest

  • Source code for SourceID SAML 1.1 - Java Toolkit 2.0, a Demo application, and supporting libraries
  • Demo application which demonstrates how to integrate the SourceID SAML 1.1 - Java Toolkit 2.0 into a custom application

Copyright

Ping Identity Corporation
1099 18th St., Suite 2950
Denver, CO 80202
U.S.A.
Phone: 303.468.2900
FAX: 303.468.2909
E-Mail: info@pingidentity.com

Copyright (C) Ping Identity Corporation, 2004-2005
All Rights Reserved

This document is provided for information purposes only, and the information herein is subject to change without notice. Ping Identity Corporation does not provide any warranties covering and specifically disclaims any liability in connection with this document.

All other company and product names mentioned are used for identification purposes only and may be trademarks of their respective owners.