An Overview of the Configuration Files
This chapter describes the steps required to integrate the SAML SP into a web application. An overview of the SAML SP configuration files created or modified during the process is shown in Listing 1. The location of the web application is denoted with <webapp_directory> and should be replaced with the actual directory.
The steps are:
- The application’s deployment descriptor web.xml is modified to include the SAML SP servlet and filter configuration.
- The provided binary libraries are copied to the WEB-INF\lib directory.
- The provided logger configuration logback.xml is copied to the WEB-INF\classes directory.
- SAML SP identity information is created in the WEB-INF\saml2\sp directory and the IDP metadata is copied to the WEB-INF\saml2\sp\metadata directory.
Listing 1:

```
<webapp_directory>\WEB-INF\web.xml                        [servlet and filter configuration]
<webapp_directory>\WEB-INF\lib\*.jar                      [SAML SP binary libraries]
<webapp_directory>\WEB-INF\classes\logback.xml            [SAML SP logger configuration]
<webapp_directory>\WEB-INF\saml2\sp\identity.properties   [SAML SP identity]
<webapp_directory>\WEB-INF\saml2\sp\metadata\metadata.xml [IDP metadata]
```
Copying the Binary Libraries
Copy the binary libraries from ubispservlet/webapp/WEB-INF/lib to the WEB-INF/lib directory of the web application.
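```
rem Work from WEB-INF so that the relative lib\ and classes\ paths resolve
cd ubispservlet\webapp\WEB-INF
rem Copy the SAML SP libraries and the logger configuration into the web application
copy lib\*.jar <webapp_directory>\WEB-INF\lib\.
copy classes\logback.xml <webapp_directory>\WEB-INF\classes\
```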
Create the SAML Service Provider identity
...
The HTTP endpoint is the fully qualified URL address where ServiceProviderServlet is bound. The path of ServiceProviderServlet is /spsso.
The identity is generated into a file named identity.properties. This file is located in the /WEB-INF/saml2/sp/identity.properties path of the web application.
```
cd <webapp_directory>\WEB-INF
mkdir saml2\sp
java -jar lib\sso-ubisaml2.jar Generate https://sp.example.com/webapp/spsso -o saml2\sp
```
...
SAML metadata is an XML-formatted document. The metadata represents the public information about the Service Provider identity.
```
cd <webapp_directory>\WEB-INF
java -jar lib\sso-ubisaml2.jar Metadata saml2\sp -f c:\temp\sp.xml
```
...
The following properties are supported in the ".href" file:
Property | Value type | Description
---|---|---
entityId | string | An entity identifier. Should be taken from IDP/AA metadata: <md
type | IDP (Identity Provider); AA (Attribute Authority) | An entity type.
url | string | A URL to fetch metadata from. The same URL where SAML 2.0 IDP/AA metadata was fetched initially. See "Get the Metadata of the Identity Provider" step.
refreshInterval | number | An interval in seconds to fetch the metadata.
...
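The following Python check is an added example, not part of the original documentation or of the product. It verifies that a web application contains the files from Listing 1, that the endpoint passed to Generate is fully qualified and bound to /spsso, and that a set of ".href" properties matches the table above. The function names, the https requirement, the choice to treat all four ".href" properties as required, and passing the properties as an already-parsed dict are assumptions.

```python
"""Post-integration check for the SAML SP file layout (added example)."""
from pathlib import Path
from urllib.parse import urlsplit

# Relative paths from Listing 1; "*.jar" means at least one library is present.
REQUIRED = [
    "WEB-INF/web.xml",
    "WEB-INF/lib/*.jar",
    "WEB-INF/classes/logback.xml",
    "WEB-INF/saml2/sp/identity.properties",
    "WEB-INF/saml2/sp/metadata/metadata.xml",
]
HREF_TYPES = {"IDP", "AA"}  # entity types listed in the ".href" table


def missing_files(webapp_dir):
    """Return the Listing 1 entries that are absent under webapp_dir."""
    root = Path(webapp_dir)
    return [p for p in REQUIRED if not any(root.glob(p))]


def endpoint_problems(url):
    """Check the endpoint given to Generate: fully qualified, bound to /spsso."""
    parts = urlsplit(url)
    problems = []
    if not parts.scheme or not parts.netloc:
        problems.append("not a fully qualified URL")
    elif parts.scheme != "https":
        problems.append("endpoint is not https")  # added hardening check (assumption)
    if not parts.path.endswith("/spsso"):
        problems.append("path does not end with /spsso")
    return problems


def href_problems(props):
    """Validate parsed ".href" properties (a dict; the file syntax is not assumed)."""
    problems = []
    if not props.get("entityId"):
        problems.append("entityId missing")
    if props.get("type") not in HREF_TYPES:
        problems.append("type must be IDP or AA")
    target = urlsplit(str(props.get("url", "")))
    if target.scheme not in ("http", "https") or not target.netloc:
        problems.append("url is not an absolute http(s) URL")
    interval = str(props.get("refreshInterval", ""))
    if not interval.isdecimal() or int(interval) <= 0:  # positive value is an assumption
        problems.append("refreshInterval must be a positive number of seconds")
    return problems
```

Run `missing_files` against the deployed <webapp_directory> after the last step; an empty list means every file from Listing 1 is in place.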