OpenSAML user discussion

["Scott Cantor" <>]

> thanks, I'll take a look at that. Is there documentation on how to use the
> Credential interface?

There's no documentation on anything because I'm apparently the last C++
programmer on earth. Or maybe second to last.

> For example, all the classes I can see derived from Credential have only
> protected constructors, so
> do I have to derive my own class in order to create a Credential? I guess
I
> must be missing something obvious here ...

I think I said earlier, you either have to implement something to the
interface yourself, usually by inherting from BasicX509Credential, or use
the CredentialResolver plugin of type="File", or implement your own
CredentialResolver.

If you're loading things from the filesystem, there's no reason to use
anything but the File-based plugin.

All plugin creation is DOM-based. There are examples of constructing them in
the test suite (e.g. xmltoolingtest/FilesystemCredentialResolverTest.h), and
there are explicit docs in the Shibboleth configuration reference on what
the supported XML/DOM actually is for each plugin.

https://spaces.internet2.edu/display/SHIB2/NativeSPCredentialResolver

The tests and the configuration for Shibboleth are the best references on
how to use any of the plugins in the system (CredentialResolvers,
TrustEngines, StorageServices, MetadataProviders, MessageEncoders/Decoders,
etc.

-- Scott