I have been working on fedlet a lot these days. The greatest advantage of using fedlet is the customization. Since it is open source product, the jars available from fedlet application allows us to customize the federation process. It is also more useful to integrate with Custom IDPs.
The important jar files are:
openfedlib.jar
opensso-sharedlib.jar
These jars are present in fedlet sample application generated during fedlet setup. The major java files where customization can be made are:
SPSSOFederate.java generates the SAML Authentication request.
SPACSUtils.java processes the SAML response.
SAML2Utils.java verifies the response for validity of SAML response and assertion, signature and encryption.
Once these java files are modified appropriately, compile the class file and put the class file back to openfedlib.jar. Place the jar under application WEB-INF/lib folder and restart the application server (where fedlet is deployed) for changes to take into effect.
If you get any exceptions in fedlet, you can look for libSAML2.properties file located under WEB-INF/classes for all mapped error scenarios.
For example, while testing the SAML SSO, if you see exception "Version is not present in the request" then look for mapped error in the libSAML2.properties file. Then search in fedlet java classes where missingVersion error is thrown.
Let me know if you need assistance to customize any specific functionality with fedlet, I can help you.
The important jar files are:
openfedlib.jar
opensso-sharedlib.jar
These jars are present in fedlet sample application generated during fedlet setup. The major java files where customization can be made are:
SPSSOFederate.java generates the SAML Authentication request.
SPACSUtils.java processes the SAML response.
SAML2Utils.java verifies the response for validity of SAML response and assertion, signature and encryption.
Once these java files are modified appropriately, compile the class file and put the class file back to openfedlib.jar. Place the jar under application WEB-INF/lib folder and restart the application server (where fedlet is deployed) for changes to take into effect.
If you get any exceptions in fedlet, you can look for libSAML2.properties file located under WEB-INF/classes for all mapped error scenarios.
For example, while testing the SAML SSO, if you see exception "Version is not present in the request" then look for mapped error in the libSAML2.properties file. Then search in fedlet java classes where missingVersion error is thrown.
missingVersion=Version is not present in the request.
Let me know if you need assistance to customize any specific functionality with fedlet, I can help you.
No comments:
Post a Comment