12.5.10.2. Configuration
To configure the SAML Metadata Configuration Providers, follow these steps:
- Define the PicketLink Authenticator (SP or IDP valves) and provide the configuration provider class name as an attribute.
- Depending on whether you are configuring an IDP or an SP, provide a metadata file and put it on the classpath:
  - For Identity Providers: WEB-INF/classes/idp-metadata.xml
  - For Service Providers: WEB-INF/classes/sp-metadata.xml
12.5.10.2.1. Configuring the PicketLink Authenticator
To use one of the provided SAML Metadata configuration providers, set the configProvider parameter/attribute on the PicketLink Authenticator.
For Identity Providers, the configuration should look as follows:
<jboss-web>
    <security-domain>idp</security-domain>
    <context-root>idp-metadata</context-root>
    <valve>
        <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
        <param>
            <param-name>configProvider</param-name>
            <param-value>org.picketlink.identity.federation.web.config.IDPMetadataConfigurationProvider</param-value>
        </param>
    </valve>
</jboss-web>
For Service Providers, the configuration should look as follows:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
    <security-domain>sp</security-domain>
    <context-root>sales-metadata</context-root>
    <valve>
        <class-name>org.picketlink.identity.federation.bindings.tomcat.sp.ServiceProviderAuthenticator</class-name>
        <param>
            <param-name>configProvider</param-name>
            <param-value>org.picketlink.identity.federation.web.config.SPPostMetadataConfigurationProvider</param-value>
        </param>
    </valve>
</jboss-web>
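A pre-deployment consistency check for the two steps above, as an added example that is not part of the original documentation or of PicketLink: it reads the configProvider value from the valve and confirms that the matching metadata file is on the classpath and carries the role descriptor for that side. It assumes an exploded WAR with jboss-web.xml under WEB-INF; the function names are hypothetical, the role element names come from the SAML 2.0 metadata schema, and the sample webapps are constructed.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"  # SAML 2.0 metadata namespace
IDP = "org.picketlink.identity.federation.web.config.IDPMetadataConfigurationProvider"
SP = "org.picketlink.identity.federation.web.config.SPPostMetadataConfigurationProvider"
# Provider class (from the page) -> (metadata file, role descriptor expected inside it)
PROVIDERS = {IDP: ("idp-metadata.xml", "IDPSSODescriptor"),
             SP: ("sp-metadata.xml", "SPSSODescriptor")}

def check_webapp(root):
    """Return a list of problems found in an exploded WAR (assumed layout)."""
    web_inf = Path(root) / "WEB-INF"
    try:
        tree = ET.parse(web_inf / "jboss-web.xml")
    except (OSError, ET.ParseError) as exc:
        return [f"cannot read WEB-INF/jboss-web.xml: {exc}"]
    params = {p.findtext("param-name", "").strip(): p.findtext("param-value", "").strip()
              for p in tree.iterfind("./valve/param")}
    provider = params.get("configProvider")
    if provider not in PROVIDERS:
        return [f"configProvider missing or not a metadata provider: {provider}"]
    filename, role = PROVIDERS[provider]
    try:
        metadata = ET.parse(web_inf / "classes" / filename)
    except OSError:
        return [f"missing WEB-INF/classes/{filename}"]
    except ET.ParseError as exc:
        return [f"{filename} is not well-formed XML: {exc}"]
    missing_role = metadata.find(f".//{{{MD_NS}}}{role}") is None
    return [f"{filename} has no {role}"] if missing_role else []

def build_sample(root, provider, filename, role):
    """Write a constructed, minimal (not schema-complete) webapp for the demo."""
    classes = Path(root) / "WEB-INF" / "classes"
    classes.mkdir(parents=True)
    (classes.parent / "jboss-web.xml").write_text(
        "<jboss-web><valve><param><param-name>configProvider</param-name>"
        f"<param-value>{provider}</param-value></param></valve></jboss-web>")
    (classes / filename).write_text(
        f'<EntityDescriptor xmlns="{MD_NS}" entityID="https://idp.example.test/">'
        f"<{role}/></EntityDescriptor>")

def demo():
    with tempfile.TemporaryDirectory() as ok, tempfile.TemporaryDirectory() as bad:
        build_sample(ok, IDP, "idp-metadata.xml", "IDPSSODescriptor")
        build_sample(bad, IDP, "sp-metadata.xml", "SPSSODescriptor")  # wrong file for an IDP
        return check_webapp(ok), check_webapp(bad)
```

Calling `check_webapp` on the unpacked deployment directory returns an empty list when the valve parameter and the metadata file agree.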