52 buffer.append(
" <SP entityID=\"").append(client.getClientId()).append(
"\"\n");
53 buffer.append(
" sslPolicy=\"").append(realm.getSslRequired().name()).append(
"\"\n");
54 buffer.append(
" logoutPage=\"SPECIFY YOUR LOGOUT PAGE!\">\n");
55 if (samlClient.requiresClientSignature() || samlClient.requiresEncryption()) {
56 buffer.append(
" <Keys>\n");
57 if (samlClient.requiresClientSignature()) {
58 buffer.append(
" <Key signing=\"true\">\n");
59 buffer.append(
" <PrivateKeyPem>\n");
60 if (samlClient.getClientSigningPrivateKey() == null) {
61 buffer.append(
" PRIVATE KEY NOT SET UP OR KNOWN\n");
63 buffer.append(
" ").append(samlClient.getClientSigningPrivateKey()).append(
"\n");
65 buffer.append(
" </PrivateKeyPem>\n");
66 buffer.append(
" <CertificatePem>\n");
67 if (samlClient.getClientSigningCertificate() == null) {
68 buffer.append(
" YOU MUST CONFIGURE YOUR CLIENT's SIGNING CERTIFICATE\n");
70 buffer.append(
" ").append(samlClient.getClientSigningCertificate()).append(
"\n");
72 buffer.append(
" </CertificatePem>\n");
73 buffer.append(
" </Key>\n");
75 if (samlClient.requiresEncryption()) {
76 buffer.append(
" <Key encryption=\"true\">\n");
77 buffer.append(
" <PrivateKeyPem>\n");
78 if (samlClient.getClientEncryptingPrivateKey() == null) {
79 buffer.append(
" PRIVATE KEY NOT SET UP OR KNOWN\n");
81 buffer.append(
" ").append(samlClient.getClientEncryptingPrivateKey()).append(
"\n");
83 buffer.append(
" </PrivateKeyPem>\n");
84 buffer.append(
" </Key>\n");
87 buffer.append(
" </Keys>\n");
89 buffer.append(
" <IDP entityID=\"idp\"");
90 if (samlClient.requiresClientSignature()) {
91 buffer.append(
"\n signatureAlgorithm=\"").append(samlClient.getSignatureAlgorithm()).append(
"\"");
92 if (samlClient.getCanonicalizationMethod() != null) {
93 buffer.append(
"\n signatureCanonicalizationMethod=\"").append(samlClient.getCanonicalizationMethod()).append(
"\"");
97 buffer.append(
" <SingleSignOnService signRequest=\"").append(Boolean.toString(samlClient.requiresClientSignature())).append(
"\"\n");
98 buffer.append(
" validateResponseSignature=\"").append(Boolean.toString(samlClient.requiresRealmSignature())).append(
"\"\n");
99 buffer.append(
" validateAssertionSignature=\"").append(Boolean.toString(samlClient.requiresAssertionSignature())).append(
"\"\n");
100 buffer.append(
" requestBinding=\"POST\"\n");
101 UriBuilder bindingUrlBuilder = UriBuilder.fromUri(baseUri);
102 String bindingUrl = RealmsResource.protocolUrl(bindingUrlBuilder)
103 .build(realm.getName(), SamlProtocol.LOGIN_PROTOCOL).toString();
104 buffer.append(
" bindingUrl=\"").append(bindingUrl).append(
"\"/>\n");
106 buffer.append(
" <SingleLogoutService signRequest=\"").append(Boolean.toString(samlClient.requiresClientSignature())).append(
"\"\n");
107 buffer.append(
" signResponse=\"").append(Boolean.toString(samlClient.requiresClientSignature())).append(
"\"\n");
108 buffer.append(
" validateRequestSignature=\"").append(Boolean.toString(samlClient.requiresRealmSignature())).append(
"\"\n");
109 buffer.append(
" validateResponseSignature=\"").append(Boolean.toString(samlClient.requiresRealmSignature())).append(
"\"\n");
110 buffer.append(
" requestBinding=\"POST\"\n");
111 buffer.append(
" responseBinding=\"POST\"\n");
112 buffer.append(
" postBindingUrl=\"").append(bindingUrl).append(
"\"\n");
113 buffer.append(
" redirectBindingUrl=\"").append(bindingUrl).append(
"\"");
114 buffer.append(
"/>\n");
115 buffer.append(
" </IDP>\n");
116 buffer.append(
" </SP>\n");