Skip to main content

Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

SAML2 IdP 1.1

{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}

Version 1.1

  • This page describes the Higgins 1.1 SAML2 IdP Solution
  • See SAML2 IdP 1.0 for the Higgins 1.0 version

Introduction

The Higgins SAML2 IdP supports the SP-initiated SSO profile defined by SAML 2.0 specifications. Two parties are involved in this profile: A service provider (relying party, SP), and an identity provider (IdP). The SP offers protected services and relies on the IdP to authenticate users.

See SAML2 IdP Overview 1.1 for a detailed description of the SAML2 IdP solution's functionality.

An instance of the SAML2 IdP is deployed at https://graceland.parityinc.net/saml2idp-test/.

End-User Perspective

Functionality

The SAML2 IdP allows users to sign in to SPs (relying parties) using their credentials at some IdP.

Setup

The end user does not have to set up anything. The process is triggered by the end user trying to sign in at a SP.

Deployer Perspective

See SAML2 IdP Deployment 1.1 for a detailed description of how to download and deploy the SAML2 IdP.

Download

See SAML2_IdP_Deployment_1.1#Obtain_.WAR_files.

Deploying

See SAML2_IdP_Deployment_1.1#Deploy_the_web_applications_on_Tomcat.

Configuration

See SAML2_IdP_Deployment_1.1#Configure_the_web_applications.

Developer Perspective

See SAML2 IdP Development 1.1 for a detailed description of how to set up your development environment for the SAML2 IdP solution.

Architecture

The SAML2 IdP solution consists of two web applications (the actual IdP, and an example SP). They support the SP-initiated SAML 2.0 SSO profile:

Saml2idp-1.png

See http://www.oasis-open.org/committees/security/ for more details about the SAML 2.0 protocol.

The Higgins components used by this solution are:

  • plugins/org.eclipse.higgins.configuration.api
  • plugins/org.eclipse.higgins.configuration.common
  • plugins/org.eclipse.higgins.configuration.xml
  • plugins/org.eclipse.higgins.configuration.xrds
  • plugins/org.eclipse.higgins.idas.api
  • plugins/org.eclipse.higgins.idas.common
  • plugins/org.eclipse.higgins.cp.jndi
  • plugins/org.eclipse.higgins.idas.registry
  • plugins/org.eclipse.higgins.idas.spi
  • plugins/org.eclipse.higgins.messages
  • plugins/org.eclipse.higgins.saml2idp.saml2
  • plugins/org.eclipse.higgins.util.idas.cp
  • plugins/org.eclipse.higgins.util.jscript
  • plugins/org.eclipse.higgins.util.socket

Building

The two web applications that constitute the SAML2 IdP are:

  • app/org.eclipse.higgins.saml2idp.server
  • app/org.eclipse.higgins.saml2idp.test

These projects, as well as their dependencies, can be checked out from the Eclipse repository at the following SVN URI:

https://dev.eclipse.org/svnroot/technology

Future Work

See Also

Back to the top