Step 1: Download and Configure the Spring Security SAML Extension

This procedure prepares the Spring Security SAML application to generate the SP metadata.

To download and configure the Spring Security SAML Extension:

1. Use these instructions to download and install the SAML extension:
a. Download the spring-security-saml-1.0.4.RELEASE-dist.zip file from the following location:

https://repo.spring.io/list/release/org/springframework/security/extensions/spring-security-saml/1.0.4.RELEASE/ 

b. Extract the contents of the .zip file to c:/samlapp.
c. In a command line, change to the directory c:/samlapp/spring-security-saml-1.0.4.RELEASE/sample.
d. In the sample directory, build the web application with Maven, using the command mvn package.
e. Copy the spring-security-saml2-sample.war file from the c:/samlapp/spring-security-saml-1.0.4.RELEASE/sample/target directory to the tomcat/webapps directory in your Code Insight Core Server installation (fnciInstallPath).

If necessary, refer to the following link for a more detailed description of the SAML extension installation and configuration:

https://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x-SNAPSHOT/reference/pdf/spring-security-saml-reference.pdf 

2. Copy your secure keystore to the following location in your Core Server installation:

fnciInstallPath/tomcat/webapps/spring-security-saml2-sample/WEB-INF/classes/security

3. Open the following file in your Core Server installation:

fnciInstallPath/tomcat/webapps/spring-security-saml2-sample/WEB-INF/SecurityContext.xml

4. Locate the keyManager bean definition within the file. It looks similar to this:

<bean id="keyManager" class="org.springframework.security.saml.key.JKSKeyManager">
    <constructor-arg value="classpath:security/myKeystore.jks"/>
    <constructor-arg type="java.lang.String" value="myKeystorePassword"/>
    <constructor-arg>
        <map>
            <entry key="myAlias" value="myAliasPassword"/>
        </map>
    </constructor-arg>
    <constructor-arg type="java.lang.String" value="myAlias"/>
</bean>

5. In the keyManager bean definition, replace the following values as needed with the properties defined for your secure keystore:
myKeystore—The name of the keystore that you are using for SSO.

Important: Ensure that the keystore is copied to the WEB-INF/classes/security folder of the sample web application.

myKeystorePassword—The password for the keystore.
myAlias—The alias defined for the private key contained in the keystore.
myAliasPassword—The password for the private key alias.
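
The following check is an added example, not part of the original procedure or of the Spring Security SAML project. It reads the keyManager bean from SecurityContext.xml text and reports placeholder values from step 4 that were never replaced, a default alias with no password entry in the map, and a keystore that is not loaded from classpath:security/. The function names, the finding messages, and the sample values are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Placeholder values from the sample bean in step 4; step 5 requires replacing them.
PLACEHOLDERS = {"myKeystore", "myKeystorePassword", "myAlias", "myAliasPassword"}

def _local(tag):
    # Drop the "{namespace}" prefix ElementTree adds for the Spring beans namespace.
    return tag.rsplit("}", 1)[-1]

def check_key_manager(xml_text):
    """Return a list of findings for the keyManager bean in SecurityContext.xml text."""
    root = ET.fromstring(xml_text)
    bean = next((e for e in root.iter()
                 if _local(e.tag) == "bean" and e.get("id") == "keyManager"), None)
    if bean is None:
        return ["no keyManager bean found"]
    args = [c for c in bean if _local(c.tag) == "constructor-arg"]
    if len(args) != 4:
        return [f"expected 4 constructor-arg elements, found {len(args)}"]
    store, store_pw = args[0].get("value", ""), args[1].get("value", "")
    default_alias = args[3].get("value", "")
    alias_pw = {e.get("key", ""): e.get("value", "")
                for e in args[2].iter() if _local(e.tag) == "entry"}
    findings = []
    if not store.startswith("classpath:security/"):
        findings.append(f"keystore '{store}' is not loaded from WEB-INF/classes/security")
    if default_alias not in alias_pw:
        findings.append(f"alias '{default_alias}' has no password entry in the map")
    # Keystore name without directory and extension, e.g. "myKeystore".
    stem = store.rsplit("/", 1)[-1].rsplit(".", 1)[0]
    used = {stem, store_pw, default_alias, *alias_pw, *alias_pw.values()}
    findings += [f"placeholder '{v}' was not replaced" for v in sorted(used & PLACEHOLDERS)]
    if "" in (store_pw, *alias_pw.values()):
        findings.append("empty keystore or key password")
    return findings

def sample_context(store, store_pw, alias, alias_pw, default_alias):
    # Builds a constructed SecurityContext.xml fragment for the demonstration below.
    return f"""<beans xmlns="http://www.springframework.org/schema/beans">
  <bean id="keyManager" class="org.springframework.security.saml.key.JKSKeyManager">
    <constructor-arg value="classpath:security/{store}"/>
    <constructor-arg type="java.lang.String" value="{store_pw}"/>
    <constructor-arg><map><entry key="{alias}" value="{alias_pw}"/></map></constructor-arg>
    <constructor-arg type="java.lang.String" value="{default_alias}"/>
  </bean>
</beans>"""

if __name__ == "__main__":
    for doc in (sample_context("myKeystore.jks", "myKeystorePassword", "myAlias", "myAliasPassword", "myAlias"),
                sample_context("sso.jks", "constructed-store-pw", "ssoKey", "constructed-key-pw", "oldKey")):
        print(check_key_manager(doc) or "ok")
```

To check a deployed file, pass the contents of fnciInstallPath/tomcat/webapps/spring-security-saml2-sample/WEB-INF/SecurityContext.xml to check_key_manager.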