I have a Java web application. I want to implement SAML Single-Sign-On login for my application. I have got this GitHub onelogin program to send request and get response. But it
You can also use Java Saml from Onelogin to sign the response using their utility class (com.onelogin.saml2.util.Util):
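```java
import com.onelogin.saml2.util.Util;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.w3c.dom.Document;

// loads xml string into Document
Document document = Util.loadXML(saml);
// loads certificate and private key from string (both arguments are Strings)
X509Certificate cert = Util.loadCert(pubKeyBytes);
PrivateKey privateKey = Util.loadPrivateKey(privKeyBytes);
// signs the response; the last argument is the signature algorithm
String signedResponse = Util.addSign(document, privateKey, cert, null);
```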
You can also use another .addSign method that takes a Node as its first parameter to sign the assertion of the SAML response.
Their Maven dependency is:
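```xml
<dependency>
    <groupId>com.onelogin</groupId>
    <artifactId>java-saml</artifactId>
    <version>2.0.0</version>
</dependency>
```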
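As an added example (not part of the original answer or of the java-saml project), the sketch below signs a response with an explicit algorithm and then checks that the signature verifies and that an edited copy is rejected. The class name, the constructed sample response and the two PEM file arguments are assumptions, and it assumes the java-saml version in use provides `Constants.RSA_SHA256` and `Util.validateSign`.

```java
import com.onelogin.saml2.util.Constants;
import com.onelogin.saml2.util.Util;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.w3c.dom.Document;

public class SignAndVerifySamlResponse {  // hypothetical class name
    // Constructed sample response, for illustration only.
    static final String SAML =
        "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" "
      + "xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_constructed-1\" "
      + "Version=\"2.0\" IssueInstant=\"2024-01-01T00:00:00Z\">"
      + "<saml:Issuer>https://idp.example.test</saml:Issuer>"
      + "<samlp:Status><samlp:StatusCode "
      + "Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/></samlp:Status>"
      + "</samlp:Response>";

    static String sign(String xml, String certPem, String keyPem) throws Exception {
        Document doc = Util.loadXML(xml);
        X509Certificate cert = Util.loadCert(certPem);
        PrivateKey key = Util.loadPrivateKey(keyPem);
        // Name the algorithm explicitly instead of passing null and
        // relying on the library default.
        return Util.addSign(doc, key, cert, Constants.RSA_SHA256);
    }

    static boolean verify(String signedXml, String certPem) throws Exception {
        Document doc = Util.loadXML(signedXml);
        if (doc == null) {
            return false;  // unparsable input is never accepted
        }
        // Check the signature placed directly under the Response element.
        return Util.validateSign(doc, Util.loadCert(certPem), null, null,
                "/samlp:Response/ds:Signature");
    }

    public static void main(String[] args) throws Exception {
        // args[0]: certificate PEM file, args[1]: private key PEM file (assumed paths)
        String certPem = new String(Files.readAllBytes(Paths.get(args[0])), StandardCharsets.UTF_8);
        String keyPem = new String(Files.readAllBytes(Paths.get(args[1])), StandardCharsets.UTF_8);
        String signed = sign(SAML, certPem, keyPem);
        System.out.println("signed response accepted: " + verify(signed, certPem));
        String edited = signed.replace("idp.example.test", "other.example.test");
        System.out.println("edited response accepted: " + verify(edited, certPem));
    }
}
```

Running the same verification on the receiving side before trusting any value in the response is what makes the signature useful; a response that is signed but never validated gives no protection.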