Yes, that's the one. It's not tied to the OneLogin service or any other. We are successfully using it against Google Workspace SAML authentication, and against test servers running KeyCloak, and hoping to use it against Microsoft Azure as well (but I haven't confirmed that it definitely works yet). As far as I can tell it's free to use as it's an MIT-style License. And at least, one can get at the code and "fix" things if needed.
On Tue, Mar 16, 2021 at 4:19 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Robert, > > On 3/16/21 14:33, Robert Turner wrote: > > Chris, > > > > I'm not sure if it will do what you want, but when sourcing Java-based > SAML > > libraries for our use as an SP, I too found that most of the libraries > were > > much larger and more complicated that I thought necessary. We went with > the > > (limited but simple to use) OneLogin libraries for our use case. It > doesn't > > do everything by any means, but was considerably smaller and simpler than > > most packages out there. > > I did see the OneLogin library. You mean this one, right? > https://github.com/onelogin/java-saml > > Is there anything tied to any particular service for that? Or do they > simply give-away their library for use anywhere? > > Thanks, > -chris > > > On Tue, Mar 16, 2021 at 1:55 PM Christopher Schultz < > > ch...@christopherschultz.net> wrote: > > > >> All, > >> > >> I've got a system which is accepting one-legged, signed SAML responses > >> from trusted third parties and going all the right things. It's working > >> great. > >> > >> It's time to look at doing the opposite: assembling our own SAML > >> responses, signing them, and sending them to another party. > >> > >> I'm sure I could manually create a DOM document with all the right > >> namespaces, add the various values that I need, and then use XML DSIG > >> using the bits and pieces that are provided by Java directly, but > >> there's got to be a nice compact library that doesn't require me to > >> download the entire internet in order to use in my product. > >> > >> Any recommendations? > >> > >> Thanks, > >> -chris > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
