user1845360

Reputation: 857

Creating credential object from IDP Metadata with OpenSAML v3

I am trying to validate the SAML response I get back from SSO Circle (IDP). In order to do that, I am using the IDP metadata provided by SSO Circle (https://idp.ssocircle.com/idp-meta.xml) in order to create the credential object with the IDP public key as follows:

    FilesystemMetadataResolver idpMetadataResolver = new FilesystemMetadataResolver(new File("C:\\idp_metadata.xml"));
    idpMetadataResolver.setRequireValidMetadata(true);
    idpMetadataResolver.setParserPool(new BasicParserPool());
    idpMetadataResolver.initialize();

    MetadataCredentialResolver credentialResolver = new MetadataCredentialResolver();

    credentialResolver.setRoleDescriptorResolver(new BasicRoleDescriptorResolver(idpMetadataResolver));

    CriteriaSet criteriaSet = new CriteriaSet();
    criteriaSet.add(new EntityIdCriterion("https://idp.ssocircle.com"));
    criteriaSet.add(new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME));

    X509Credential credential = (X509Credential)credentialResolver.resolveSingle(criteriaSet);

However, this throws an exception when trying to initialize the idpMetadataResolver:

    net.shibboleth.utilities.java.support.component.ComponentInitializationException: Component identifier can not be null
        at net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent.doInitialize(AbstractIdentifiedInitializableComponent.java:65)
        at org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver.doInitialize(AbstractMetadataResolver.java:188)
        at net.shibboleth.utilities.java.support.component.AbstractInitializableComponent.initialize(AbstractInitializableComponent.java:61)

I am very new to OpenSAML and I've been mainly looking at examples and tutorials online but most of them are written for OpenSAML v2.0. I was wondering if I am doing something wrong when initializing the objects.

Upvotes: 0

Views: 1865

Answers (1)

user1845360

Reputation: 857

After some digging on the OpenSAML 3 Java docs and the Shibboleth dev community, I think I found an answer to my question. The Metadata resolver object needs to be set up as follows:

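    FilesystemMetadataResolver idpMetadataResolver = new FilesystemMetadataResolver(new File("C:\\idp.xml"));
    idpMetadataResolver.setRequireValidMetadata(true);
    // Parser pool taken from the OpenSAML provider registry instead of a new BasicParserPool
    idpMetadataResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
    // Without an id, initialize() throws "Component identifier can not be null"
    idpMetadataResolver.setId("someidentifier");
    idpMetadataResolver.initialize();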

Upvotes: 2
