This guide explains how to install the sample SAML SP for Java on Tomcat for Windows.
During the installation, select port 8090 (or another port that is not taken) for HTTP/1.1 Connector Port.
The Java installation path is C:\Program Files\Java\jdk1.8.0_144\jre
The system is running when the address http://localhost:8090/ answers as follows:
You can also modify the port number after installation by editing the file C:\Program Files\Apache Software Foundation\Tomcat 9.0\conf\server.xml.
Install "ubisp-sample":
Download the latest package from https://demo.ubisecure.com/extranet/downloads/SamlSP_Java_Sample/
Unzip the package and extract all files into the directory C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\
Create private and public keys:
cd /d "C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\sample\WEB-INF"
"C:\Program Files\Java\jdk1.8.0_144\bin\java.exe" -jar lib/ubisaml2.jar Generate http://localhost:8090/sample/spsso -o saml2/sp -y
Create service provider metadata:
cd /d "C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\sample\WEB-INF"
"C:\Program Files\Java\jdk1.8.0_144\bin\java.exe" -jar lib/ubisaml2.jar Metadata saml2/sp -f sp-metadata.xml -y
Open the Ubisecure SSO management console. Save the identity provider's SAML 2.0 metadata file (metadata.xml) to the directory
C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\sample\WEB-INF\saml2\sp\metadata\
Add the previously created metadata to the new application.
At "ID and Activation", press "Activate" and select the metadata from C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\sample\WEB-INF\sp-metadata.xml.
Add Password as an authentication method for the application. Go to "Allowed Methods" and add "Password".
Now you can add as many attributes as you wish to transmit to the application. Let's add: first name, last name, mobile phone, and roles. To do that, you must edit the "Value" that appears when you show values. Also, make sure that the "Name" field is a single word with no spaces. The following table shows the values you must add for each attribute:
Attribute | Name | Value |
---|---|---|
First name | name | user:givenname |
Surname | surname | user:sn |
Mobile phone number | mobilenumber | user:mobile |
Roles* | roles | eidm:roles |
*In order to add roles, you must select "eIDM Groups" in Site Navigator, and then select the eIDMUser group.
Once all attributes have been added, you will see something like this. Make sure that you have ticked "show values" for all attributes.