The OpenSAML V2 software has reached its End of Life and is no longer supported. This documentation is available for historical purposes only.

Skip to end of metadata
  • Created by Former user, last modified by Former user on Apr 14, 2018
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 62 Current »

End of Life Warning

As of July 31, 2016, all security maintenance for the OpenSAML V2 Java release branch will cease. A complete schedule of the dates can be found here. All deployments should upgrade to V3 or evaluate other alternatives. This does not apply to the C++ libraries, which remain supported indefinitely.

Welcome to the OpenSAML website. OpenSAML is a set of open source C++ & Java libraries meant to support developers working with the Security Assertion Markup Language (SAML). OpenSAML 2, the current version, supports SAML 1.0, 1.1, and 2.0. Additionally, various development groups have found the framework created to support OpenSAML 2 useful for their own work. We are in the process of integrating their code supporting WS-Addressing, WS-Security, WS-Trust and XACML. 

The OpenSAML libraries do not provide a complete SAML identity or service provider. If you are looking for such software you should check out the Shibboleth project instead. Also, these libraries will not teach you any of the specifications listed above. The libraries are meant solely to support individuals who have taken the time to read and understand the specifications.

Before starting you may wish to check the Frequently Asked Questions.

OpenSAML2

User's Manual
Developer's Manual
Java Downloads
C++ Downloads
License

OpenSAML1

Status
Java Downloads
C++ Downloads

Developer Resources

Technical Specifications
Mailing List
Issue Tracking
Reporting Security Issues
 Source Code Access
 E-book - A Guide to OpenSAML

Projects Using OpenSAML

The following projects are those that we know to be using OpenSAML. There are probably others out there floating around, if you have such a project, add it to the list.

  • Shibboleth - Shibboleth provides cross-domain single sign-on and attribute-based authorization for browser users. Using the OpenSAML toolkit, Shibboleth implements the SAML 1.x browser profiles for identity and service providers.
  • Globus Toolkit - The Globus Toolkit (GT) is an open source software toolkit used for building grids. The CAS component of GT issues assertions containing AuthorizationDecisionStatement elements. Other GT components (in particular, MyProxy and GridShib) are being fitted with SAML interfaces using OpenSAML.
  • gLite - gLite provides a framework for building grid applications tapping into the power of distributed computing and storage resources across the Internet.
  • VO Privilege Project
  • Clarity Security's SSO Toolkit
  • VOMS
  • JBoss
  • CAS
  • OpenPermis
  • Apache WSS4J - open source web service security kit used by the Apache CXF web service framework. WSS4J uses OpenSAML to generate SAML1 and SAML2 assertions as well as parse, sign and validate SAML tokens.
  • Apache Rampart
  • OLAT
  • eduGAIN
  • openLiberty Wakame - Wakame is an open source java implementation of ID-WSF 2.0 and relies heavily on java-xmltooling, java-opensaml2, and java-openws libraries for modeling, marshalling, and unmarshalling xml objects.
  • OpenASelect
  • SuisseID - SuisseID aims to provide a digital identity and qualified digital signature in Switzerland. The user attributes are provided by the Claim Assertion Infrastructure (CAI). The OpenSAML library is used in the SuisseID SDK/Java to integrate applications with the infrastructure.

Thanks to...

The following organizations have provided substantial resources to the development of OpenSAML over the years.

  • The Ohio State University
  • Georgetown University
  • Internet2
  • NSF Middleware Initiative
  • SWITCH
  • EGEE
  • No labels