OpenSAML user discussion

["Alexander Müller" <>]

Hi,

quite a few time ago I implemented a SAML 1.1 IdP which was fairly easy - to 
be honest however with a good share of help from Scott -, generating the 
artifact with SAMLArtifactType0001 and remembering it along with the data, 
then receiving the SAML request from the SP, generating the response from the 
stored data and sending it off.

I am having now a similar project and considered this time Shibboleth, 
however the authentication is a little bit more complicated this time and so 
it appears I would need to write a custom extension integrating the 
authentication into the SAML process flow, which doesnt seem to be the 
easiest part.

Because of that I am currently considering using again OpenSAML directly. The 
artifact generation itself still seems rather easy using 
SAML2ArtifactType0004, however I am running into some understanding problems 
upon receiving and processing the SAML request from the Service Provider. 
Basically I am missing the binding classes, I noticed the 
org.opensaml.*.binding.* packages, but havent found any classes/methods which 
would allow me to extract the SAML request from the HTTP request respectively 
to send off the actual SAML response/assertion - as I could with 
SAMLBindingFactory.getInstance(SAMLBinding.SOAP).

I admit I might be lacking some basic understanding of the changes in 
OpenSAML 2, or SAML 2 in general, but I am currently truly lost and hope 
someone could just point me into the right direction, with some pseudo code 
or general hint, given it hasnt got too complex with OpenSAML 2.

Thanks,
Alexander