OpenSAML-Java is a low-level library written in Java that provides support for producing and consuming SAML messages, creating and evaluating digitally signed and encrypted content, and working with SAML bindings. Extensive support for consuming SAML metadata is also provided, along with an API for establishing security policies around the consumption of SAML messages.
This library is intended for people needing to write SAML identity providers, service providers, and certain types of advanced clients. It is not by itself an implementation of any of those things. Developers are strongly encouraged to evaluating existing products before creating their own, as doing so is a lot of work and prone to error unless you have significant expertise in SAML.
- Java bean APIs for constructing and interrogating SAML messages.
- Active management of the underlying DOM structure (necessary for robust digital signature and encryption support)
- Support for trust models based on SAML metadata and PKI.
- Pluggable APIs for handling cryptographic keys and certificates and many other library features.
- Basic support for SAML message bindings