Skip to Content.
Sympa Menu

shibboleth-dev - Reading idp credentials from the keystore

Subject: Shibboleth Developers

List archive

Reading idp credentials from the keystore


Chronological Thread 
  • From: "Dharam Veer" <>
  • To:
  • Subject: Reading idp credentials from the keystore
  • Date: Tue, 30 Dec 2008 14:46:19 -0600
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=cahJZiRDEVPkpfFyYpCZBrrm2U8JK0H7+8qjya8Hh034DNabdV7W6uYq1E8Z30Tr7k 2sS2TPcubTaS3S+1agI3cTVdwgl35gkD4BvbD41qNiXtsjN3OadAHk6eQZHe9VYfOqBP ppE81sj6xkiaz1VsM1b89SXijqUhBIDpKHyMA=

Hi,

I was looking for a way of using the credentials from java keystore.

After reading some documentation (https://spaces.internet2.edu/display/SHIB2/IdPCredentials) and code it is my understanding that currently supported credential (to be used for signing and encrypting assertions) configurations are Inline X509 and FileSystem X509 as described in document.

However when I look in the opensaml xml tooling library I see some classes such as FilesystemCredentialResolver and KeyStoreCredentialResolver I am getting confused. 

So far my understanding is that shibboleth (common & idp) implementation has its own credential resolving logic and does not use above mentioned classes. If I want to read from key store I should extend Shibboleth relyinparty configuration and/or credential type etc and may be re-use code from KeyStoreCredentialResolver. 

Please correct me if my understanding is incorrect.

Regards & thanks
Dharam



Archive powered by MHonArc 2.6.16.

Top of Page