JBoss.org Community Documentation

Chapter 2. Identity API for SAML v2

Note

Use the SAML2Request API class to create SAML request objects.

Use the SAML2Response API class to create SAML response objects.

The following examples show how to use the API provided in the Identity Federation product.

The SAML2Request API class can be used to create SAML2 requests and to convert them into XML and back using the marshall and unmarshall methods.

          import java.io.ByteArrayInputStream;
          import java.io.ByteArrayOutputStream;
          import java.io.InputStream;

          import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
          import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
          import org.jboss.identity.federation.saml.v2.protocol.LogoutRequestType;

          SAML2Request saml2Request = new SAML2Request();

          //We will create an AuthnRequest
          //(id is the request ID string, assumed to be defined by the caller)
          AuthnRequestType authnRequest = saml2Request.createAuthnRequestType(
            id, "http://sp", "http://idp", "http://sp");

          //Now marshall the request into a byte array based output stream
          ByteArrayOutputStream baos = new ByteArrayOutputStream();
          saml2Request.marshall(authnRequest, baos);
          saml2Request.marshall(authnRequest, System.out); //To Console

          //Assume that we have an inputstream where we get the SAML feed
          InputStream is = new ByteArrayInputStream(baos.toByteArray());
          authnRequest = saml2Request.unmarshall(is);

          //We will create a log out request
          LogoutRequestType lrt = saml2Request.createLogoutRequest("http://idp");
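
The unmarshall step above reads a SAML feed from an input stream, which on a receiving endpoint is sender-controlled XML. The following is an added example, not code from the JBoss Identity project: it uses only JDK classes to parse such a feed with DOCTYPE declarations rejected and to check the AuthnRequest fields before further processing. The class name, the constructed sample message, and the mapping of the four createAuthnRequestType arguments to ID, AssertionConsumerServiceURL, Destination and Issuer are assumptions.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

public class AuthnRequestCheck { // hypothetical helper, not part of the Identity API
    static final String PROTOCOL_NS = "urn:oasis:names:tc:SAML:2.0:protocol";
    static final String ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Parse with DOCTYPE declarations rejected, so entity expansion and
    // external entity resolution (XXE) cannot be triggered by the sender.
    static Element parse(InputStream in) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder().parse(in).getDocumentElement();
    }

    // Returns null when the request is acceptable, otherwise the reason it is not.
    static String reject(Element root, String idpUrl, String knownSp) {
        if (!PROTOCOL_NS.equals(root.getNamespaceURI())
                || !"AuthnRequest".equals(root.getLocalName()))
            return "not a samlp:AuthnRequest";
        if (!idpUrl.equals(root.getAttribute("Destination")))
            return "Destination is not this IdP";
        var issuers = root.getElementsByTagNameNS(ASSERTION_NS, "Issuer");
        if (issuers.getLength() != 1
                || !knownSp.equals(issuers.item(0).getTextContent().trim()))
            return "unknown Issuer";
        if (!knownSp.equals(root.getAttribute("AssertionConsumerServiceURL")))
            return "AssertionConsumerServiceURL not registered for Issuer";
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample; URLs follow the page's createAuthnRequestType call.
        String xml = "<samlp:AuthnRequest xmlns:samlp=\"" + PROTOCOL_NS + "\""
            + " xmlns:saml=\"" + ASSERTION_NS + "\" ID=\"ID_constructed\" Version=\"2.0\""
            + " IssueInstant=\"2009-01-01T00:00:00Z\" Destination=\"http://idp\""
            + " AssertionConsumerServiceURL=\"http://sp\">"
            + "<saml:Issuer>http://sp</saml:Issuer></samlp:AuthnRequest>";
        Element root = parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        String why = reject(root, "http://idp", "http://sp");
        System.out.println(why == null ? "accepted" : "rejected: " + why);
    }
}
```

Field checks like these run alongside signature validation on signed requests; they do not replace it.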
        

The SAML2Response API class can be used to create SAML2 response objects and to marshall them to XML and unmarshall them back.

          import java.io.ByteArrayOutputStream;

          import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;

          SAML2Response saml2Response = new SAML2Response();

          //Add time-based conditions to an existing assertion
          //(assertion and assertionValidity are assumed to be defined by the caller)
          saml2Response.createTimedConditions(assertion, this.assertionValidity);

          //IssuerInfoHolder is a class for information on the Issuer of SAML Assertions
          IssuerInfoHolder issuerHolder = new IssuerInfoHolder("http://idp");
          issuerHolder.setStatusCode(JBossSAMLURIConstants.STATUS_SUCCESS.get());

          //IDPInfoHolder is a class for information on the Identity Provider
          IDPInfoHolder idp = new IDPInfoHolder();
          idp.setNameIDFormatValue(IDGenerator.create());

          //SPInfoHolder is a class for information on the Service Provider
          ResponseType rt = JBossSAMLAuthnResponseFactory.createResponseType(
               "response111",
               new SPInfoHolder(), idp, issuerHolder);

          //Marshall the response into a byte array based output stream
          ByteArrayOutputStream baos = new ByteArrayOutputStream();
          saml2Response.marshall(rt, baos);