OpenSAML user discussion

[Chad La Joie <>]

The framework doesn't expect the credential to be created in any certain
way.  So, whatever way works best for your application is fine.

As to how to get the private key, that's also up to you.  If the private
key is in a DER, PEM, or PKCS12 encoded file you might want to check the
SecurityHelper class for helper methods to decode such a file.  If
you're going to want the cert to show up in the signature then X509Util
also provides similar helper methods for reading in certs/crls.  If your
key is in a Java keystore then you just use the normal JDK API for
accessing that.

On 2/9/11 3:07 AM, John Gonzales wrote:
> Hi there,
> 
> I'm following this guide for how to sign a SAML message:
> https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManJavaDSIG
> 
> However, it doesn't explain how to actually obtain a signing credential
> with the OpenSAML API.
> 
> Here's my implementation of the getSigningCredential method referenced
> in the guide.
> 
>     public static Credential getSigningCredential() {
>         BasicCredential credential = new BasicCredential();
>         credential.setPrivateKey(null); // HOW?
>         return credential;
>     }
> 
> I'm not sure how to obtain a PrivateKey, but more generally, I'm not
> even sure if this how the OpenSAML framework expects the signing
> credential to be generated.
> 
> I've searched around the documentation and have come to a point where
> some help might be all I need to move forward.
> 
> -jg.
> 

-- 
Chad La Joie
http://itumi.biz
trusted identities, delivered