On Windows, either install OpenSSL or use WSL.
-
Create a directory named
certsundersrc/main/resources -
Generate an SSL certificate
-
Run:
openssl req -x509 -newkey rsa:4096 -keyout src/main/resources/certs/rp-private.key -out src/main/resources/certs/rp-certificate.pem -nodes -
Output:
Generating a RSA private key ...............++++ ..........................................................................................++++ writing new private key to 'src/main/resources/certs/rp-private.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []: Email Address []:
-
-
Start SimpleSAMLphp by running:
docker-compose up -
Navigate to http://localhost:10080/simplesaml/saml2/idp/metadata.php
-
The contents of the
<ds:X509Certificate>element should match the contents of theidp-certificate.pemfile undersrc/main/resources/certs
The available users configured in the Identity Provider are
| Username | Password |
|---|---|
| user1 | user1pass |
| user2 | user2pass |
Access http://localhost:8080 to test SAML 2.0 Single Sign-On initiated by the Service Provider.
Access http://localhost:10080/simplesaml/saml2/idp/SSOService.php?spentityid=issuer.example.com to test SAML 2.0 Single Sign-On initiated by the Identity Provider.
- https://medium.com/disney-streaming/setup-a-single-sign-on-saml-test-environment-with-docker-and-nodejs-c53fc1a984c9
- https://github.com/spring-projects/spring-security/tree/master/samples/boot/saml2login
- https://docs.spring.io/spring-security/site/docs/current/reference/html5/#servlet-saml2
- https://simplesamlphp.org/docs/stable/simplesamlphp-idp-more