Skip to main content
Jump to: navigation, search

SAML2 IdP protocol library

Revision as of 10:10, 15 December 2008 by Agorb.parityinc.net (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}

Details

  • CVS & instructions: SAML2 IdP protocol library CVS
  • Javadoc: <missing:> we're not yet auto building the SAML2 IdP protocol library every night
  • Status: first code in 1.0M9
  • Language: Java
  • Packaging: OSGI bundle

Plan

  • Complete implementation of SAML 2.0 specifications.

Service

The SAML2 IdP protocol library is a simple, partial implementation of SAML 2.0 specifications. Here's a list of some of the functionality it provides:

  • AuthnRequests, Responses, AuthnStatements, Assertions, Subjects.
  • Create, parse, sign and verify SAML 2.0 messages.

Note that only a subset of SAML 2.0 specifications is supported.

Testing

The SAML2 IdP protocol library (saml2idp.saml2 project) is a good candidate for unit testing. In general, testing should involve creating instances of the classes in the project, calling methods on them and checking the results against expected behaviour.

The two web application projects (saml2idp.server and saml2idp.test) each contain helper classes named "SAMLUtil", which demonstrate how the saml2idp.saml2 project can be used).

Here are some ideas for tests:

  • Test the SAMLAuthnRequest class
    1. Create an instance of SAMLAuthnRequest
    2. Call several .setXXX() methods with sample values
    3. Call corresponding .getXXX() methods to check the values
    4. Serialize it to a String using XMLElement.dump()
    5. Re-create the SAMLAuthRequest from the String using one of the constructors of SAMLAuthnRequest
    6. Check all the settings again using .getXXX() methods
  • Repeat the previous for other classes of the saml2idp.saml2 project.
  • Test the XMLElement.fromXMLDate() and XMLElement.toXMLDate() methods. For example, do the following:
    1. Convert an instance of Date to a String using XMLElement.toXMLDate(). Check the result.
    2. Convert it back using XMLElement.fromXMLDate(). Check the result again.
  • Test the XMLElement.sign() and XMLElement.verify() methods. For example, do the following:
    1. Create (or read from files) instances of PublicKey and PrivateKey
    2. Create an instance of SAMLAuthnRequest, set some example settings and subelements
    3. Sign it with the private key using XMLElement.sign()
    4. Serialize it to a String using XMLElement.dump()
    5. Re-create the SAMLAuthRequest from the String using one of the constructors of SAMLAuthnRequest
    6. Verify the signature with the public key using XMLElement.verify()
  • Other tests? The SAMLUtil classes in the saml2idp.server and saml2idp.test projects may provide some more ideas for tests...

See Also

Links

Back to the top