Service provider implementation with SAML 2 and Java

Notice: This page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original URL: http://stackoverflow.com/questions/32665523/

Time: 2020-11-02 20:35:19  Source: igfitidea


java saml

Asked by user4501968

After going through so many Google sites and reading so many Q&As on Stack Overflow, I am really getting confused about how to implement an SP using SAML 2 with Java.


I understand the theoretical concept but am not getting a clue how to implement it exactly.


Currently, my client has already shared the IDP metadata file with me and is asking for the SP metadata file. This is my first struggling point.


  1. How to generate metadata files actually? Is there a tool to generate it?
  2. How to implement SAMLRequest generation and SAMLResponse parsing using Java libraries?
  3. People recommend so many publicly available sites which support IDP and SP functionality, but I have not been able to choose the right one to proceed. I need a specific example of a Service Provider implementation in Java with SAML 2.

I would really appreciate it if somebody could help me in this context. Please correct me if my questions are not clear so that I can try to edit them.


Answered by Stefan Rasmusson

If you need to build an SP in Java I would recommend using the Spring SAML module or the OpenSAML library, but these may give you more work. If you end up using OpenSAML I have a book, A Guide to OpenSAML, introducing SAML and the OpenSAML library.


I also have a blog with many examples.


I would however recommend that you first look into using a ready product for SAML like Shibboleth, which is a free and open source solution for SAML. This will save you from needing to learn the specifics of the SAML protocol and also it will be much safer as different security considerations have already been made by the developers.


Answered by nzpcmad

@Stefan has some good suggestions.


What you need is a SAML protocol client-side stack. Refer to: SAML : SAML connectivity / toolkit and the links inside the article.


In terms of your questions, different stacks do this in different ways. Some of the commercial stacks that I have used have excellent documentation and sample code to do all this.
