divlv/auth10-java

Forked version of "auth10-java" library with fixed bugs and extended functionality

This library speaks the WS-Federation protocol and handles SAML 1.1 and 2.0 tokens. It interoperates with Microsoft-related products such as ADFS, Windows Azure Active Directory and Windows Identity Foundation.

The code is a simplified version, with some improvements, of the library released by Microsoft: https://github.com/WindowsAzure/azure-sdk-for-java-samples.

This version uses a secure certificate to verify the authority of the response from your authentication provider.

Usage

Clone it

git clone https://github.com/divlv/auth10-java.git

Or download it as zip from https://github.com/divlv/auth10-java/zipball/master

Import the Maven project that was just downloaded into your workspace (File -> Import -> Existing Maven Projects)

Add a reference to the com.auth10.federation library from your project. Edit your project's Maven file pom.xml and add this:

<dependencies>
	...
	<dependency>
		<groupId>com.auth10.federation</groupId>
		<artifactId>auth10-federation</artifactId>
		<version>0.9.3</version>
	</dependency>
	...
</dependencies>

Add a federation.properties file under your app server's resources folder (e.g. /your_tomcat/conf/federation.properties):

#
# "keystore.file" is a Resource file, so it should be within Tomcat/conf directory
keystore.file=/mykeystore.jks
keystore.password=Geyser66us79Spoonful
keystore.certificate.alias=mycertificate1
#
federation.trustedissuers.issuer=https://your_identity_provider/
federation.trustedissuers.thumbprint=CF50166CE4B....signing cert thumbprint...4DA668F96BF
federation.trustedissuers.friendlyname=My Identity Provider
# (in most cases, the return URL below)
federation.audienceuris=http://localhost:8080/sample-federation/
# (in most cases, the return URL below)
federation.realm=http://localhost:8080/sample-federation/
federation.enableManualRedirect=false
# (in most cases, the return URL below)
federation.reply=http://localhost:8080/sample-federation/

Place the Java KeyStore file containing your validation certificate next to your federation.properties file. "keystore.password" is the password used to decrypt the keystore, and the certificate is looked up by "keystore.certificate.alias".
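
A pre-deployment check for the keystore settings above, as an added example that is not part of this library: it opens the keystore with the configured password, confirms a certificate exists under the configured alias and is within its validity period, and compares its thumbprint with federation.trustedissuers.thumbprint. It assumes the thumbprint is the uppercase hex SHA-1 digest of the DER-encoded certificate (the Windows convention) and that the keystore entry is the certificate that thumbprint refers to; the class name FederationConfigCheck and its two command-line arguments are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.util.Properties;

public class FederationConfigCheck {

    // Hex-encode the SHA-1 digest of the DER-encoded certificate (assumed thumbprint format).
    static String thumbprint(X509Certificate cert) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(cert.getEncoded());
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) {
            hex.append(String.format("%02X", b));
        }
        return hex.toString();
    }

    public static void main(String[] args) throws Exception {
        // args[0]: path to federation.properties, args[1]: path to the .jks file on disk
        Properties props = new Properties();
        try (InputStream in = new FileInputStream(args[0])) {
            props.load(in);
        }
        char[] password = props.getProperty("keystore.password").toCharArray();
        String alias = props.getProperty("keystore.certificate.alias");

        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[1])) {
            ks.load(in, password); // fails here if the password is wrong or the file is corrupt
        }
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        if (cert == null) {
            throw new IllegalStateException("No certificate under alias: " + alias);
        }
        cert.checkValidity(); // throws if the certificate is expired or not yet valid

        String actual = thumbprint(cert);
        // Normalise the configured value: drop spaces, colons and other separators.
        String configured = props.getProperty("federation.trustedissuers.thumbprint", "")
                .replaceAll("[^0-9A-Fa-f]", "").toUpperCase();
        System.out.println("Subject:    " + cert.getSubjectX500Principal().getName());
        System.out.println("Thumbprint: " + actual);
        System.out.println(actual.equals(configured)
                ? "Matches federation.trustedissuers.thumbprint"
                : "MISMATCH with federation.trustedissuers.thumbprint");
    }
}
```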

Add the WSFederationFilter to the web.xml file:

<filter>
  <filter-name>FederationFilter</filter-name>
  <filter-class>com.auth10.federation.WSFederationFilter</filter-class>
  <init-param>
    <param-name>login-page-url</param-name>
    <!-- this is used only if manual redirect is enabled. Otherwise the user will be automatically redirected to the identity provider when browsing the website -->
    <param-value>login.jsp</param-value>
  </init-param>
  <init-param>
    <param-name>exclude-urls-regex</param-name>
    <!-- e.g.: the public folder won't be affected by the filter. To add more, concatenate them with a pipe (|) -->
    <param-value>/public/*</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>FederationFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

Consuming user attributes

// gets the user name
String name = request.getRemoteUser();

// gets the user claims
List<Claim> claims = ((FederatedPrincipal)request.getUserPrincipal()).getClaims();

About

WSFederation and SAML library for Java based web applications
