I got a couple of SAML implementation questions to clear up my confusion ...
I need to implement SSO in a Java web app.
In order to do so, do I need Shi
What will be needed to use OpenSAML? Just the IdP URL and a registration with the IdP?
You need Java and a web container, and you need to include the OpenSAML library in your WAR.
You need to cache the IdP metadata locally or look it up each time you want to send an AuthnRequest or process a SAMLResponse. You also have to register your SP metadata on the IdP side.
If you are using Shibboleth as your IdP, the SP metadata should be set up in the conf/relying-party.xml file.
Do I need to provide an SP directory, e.g. ActiveDirectory/LDAP?
In order to log in to the IdP, you need to set up an LDAP or database server on the IdP side and configure it in conf/attribute-resolver.xml and conf/login.config.
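
One way to do the local IdP metadata caching mentioned in the answer above, as an added example that is not part of the original post and does not use OpenSAML's own API: a JDK-only cache that parses the metadata with DOCTYPE disabled, rejects it once `validUntil` has passed, and re-reads it only after a TTL. The class name, the `loader` supplier and the sample metadata (entity ID, URLs) are assumptions made for the illustration, Java 11 or later is assumed, and verifying the metadata signature is not shown.

```java
import java.io.StringReader;
import java.time.Duration;
import java.time.Instant;
import java.util.function.Supplier;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class IdpMetadataCache {
    static final String MD = "urn:oasis:names:tc:SAML:2.0:metadata";
    static final String REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect";
    private final Supplier<String> loader; // hypothetical: returns the IdP metadata XML (file or HTTPS fetch)
    private final Duration ttl;
    private Instant loadedAt = Instant.MIN;
    private String ssoUrl;

    public IdpMetadataCache(Supplier<String> loader, Duration ttl) { this.loader = loader; this.ttl = ttl; }

    public synchronized String ssoUrl() throws Exception {
        if (Instant.now().isAfter(loadedAt.plus(ttl))) refresh(); // reload only when the cached copy is stale
        return ssoUrl;
    }

    private void refresh() throws Exception {
        var f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Metadata is external XML: refuse DOCTYPE so entity expansion and XXE are impossible.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = f.newDocumentBuilder()
                .parse(new InputSource(new StringReader(loader.get()))).getDocumentElement();
        String until = root.getAttribute("validUntil");
        if (!until.isEmpty() && Instant.parse(until).isBefore(Instant.now()))
            throw new IllegalStateException("IdP metadata expired at " + until);
        var sso = root.getElementsByTagNameNS(MD, "SingleSignOnService");
        for (int i = 0; i < sso.getLength(); i++) {
            Element e = (Element) sso.item(i);
            if (!REDIRECT.equals(e.getAttribute("Binding"))) continue;
            ssoUrl = e.getAttribute("Location"); // where the SP sends its AuthnRequest
            loadedAt = Instant.now();
            return;
        }
        throw new IllegalStateException("no HTTP-Redirect SingleSignOnService in metadata");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample metadata; the entity ID and Location are placeholders.
        String xml = "<EntityDescriptor xmlns='" + MD + "' entityID='https://idp.example.org/idp'"
            + " validUntil='2099-01-01T00:00:00Z'><IDPSSODescriptor><SingleSignOnService Binding='"
            + REDIRECT + "' Location='https://idp.example.org/sso'/></IDPSSODescriptor></EntityDescriptor>";
        int[] loads = {0}; // counts how often the metadata source is actually read
        var cache = new IdpMetadataCache(() -> { loads[0]++; return xml; }, Duration.ofHours(1));
        System.out.println(cache.ssoUrl() + " / " + cache.ssoUrl() + " loads=" + loads[0]);
    }
}
```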