The objective of this example is to obtain a SAML token, which can later be used for Single Sign-On.
Single Sign-On is an authentication process that enables the user to authenticate once and to gain access to several systems with this one identification process.
To try this example, you must download the file called sampleSW9.zip and follow the instructions in Configuration of the Environment.
Unlike the other examples, in order to create an authentication request, we must use a SmartAuthNRequest object with the address of the host to which the request will be sent.
SmartAuthNRequest sanr = new SmartAuthNRequest(host);
In this example, as authentication will be performed using an agent, we must indicate this in the request, as well as any necessary data for the agent.
sanr.setRequestType(Constants.AA.RequestType.AGENT);
sanr.setAgentId(agentId);
sanr.setMethod(authMethod);
sanr.setSecret(secret);
sanr.setIpAddress(ipAddress);
Because authentication is performed by an agent, the user data (username and password) are not included in the header. Instead, they are set via the setUsernameTokenUsername() and setUsernameTokenPassword() methods.
sanr.setUsernameTokenUsername(username);
sanr.setUsernameTokenPassword(password);
Finally, the format of the response is indicated and the request is sent.
sanr.setRespondWith(Constants.AA.RespondWith.ASSERTION);
SmartAuthNResponse sanrs = sanr.send();
This login request, once sent to the system, returns an assertion with the authentication and session information, which can then be used for further authentication processes in the TrustedX platform. The SAML assertion can be retrieved using the getAssertion() method.
String token = sanrs.getAssertion();
The token is saved as text, allowing it to be displayed on screen for viewing.
System.out.println("*** Token ***");
System.out.println(token);
Once the code has been executed, we obtain output such as the following.
*** Token ***
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1" AssertionID="aid-31323030343831383632-a369eed5bcb9a8d00e52850ba922708a" Issuer="urn:safelayer:tws:services:aa:2.1" IssueInstant="2008-01-16T11:11:02.900Z"><saml:Conditions NotBefore="2008-01-16T11:11:02.896Z" NotOnOrAfter="2008-01-16T12:11:02.896Z"/><saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password:clear" AuthenticationInstant="2008-01-16T11:11:02.896Z"><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">trustedx</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:SubjectLocality IPAddress="192.168.160.1"/></saml:AuthenticationStatement></saml:Assertion>
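Before a saved token is reused for Single Sign-On, a client can inspect it with JDK classes alone: parse it with DOCTYPE declarations rejected, read the subject and authentication method, and check the Conditions validity window. This is an added example, not part of the original page or the TrustedX API; the names AssertionCheck, parse, first and withinValidity are assumptions, and the sample token is a trimmed copy of the output above.

```java
import java.io.StringReader;
import java.time.Instant;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class AssertionCheck {
    static final String SAML = "urn:oasis:names:tc:SAML:1.0:assertion";
    static final String DSIG = "http://www.w3.org/2000/09/xmldsig#";

    // Parse with DOCTYPE declarations rejected, so a hostile token cannot use XXE.
    static Element parse(String token) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
                .parse(new InputSource(new StringReader(token))).getDocumentElement();
    }

    // First descendant element with the given namespace and local name, or null.
    static Element first(Element root, String ns, String name) {
        return (Element) root.getElementsByTagNameNS(ns, name).item(0);
    }

    // True only when 'now' lies in [NotBefore, NotOnOrAfter); no window means reject.
    static boolean withinValidity(Element assertion, Instant now) {
        Element c = first(assertion, SAML, "Conditions");
        if (c == null || !c.hasAttribute("NotBefore") || !c.hasAttribute("NotOnOrAfter"))
            return false;
        Instant from = Instant.parse(c.getAttribute("NotBefore"));
        Instant until = Instant.parse(c.getAttribute("NotOnOrAfter"));
        return !now.isBefore(from) && now.isBefore(until);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the assertion printed above, trimmed, with single-quoted attributes.
        String token = "<saml:Assertion xmlns:saml='" + SAML + "' Issuer='urn:safelayer:tws:services:aa:2.1'>"
            + "<saml:Conditions NotBefore='2008-01-16T11:11:02.896Z' NotOnOrAfter='2008-01-16T12:11:02.896Z'/>"
            + "<saml:AuthenticationStatement AuthenticationMethod='urn:oasis:names:tc:SAML:1.0:am:password:clear'>"
            + "<saml:Subject><saml:NameIdentifier>trustedx</saml:NameIdentifier></saml:Subject>"
            + "</saml:AuthenticationStatement></saml:Assertion>";
        Element a = parse(token);
        System.out.println("Issuer:  " + a.getAttribute("Issuer"));
        System.out.println("Subject: " + first(a, SAML, "NameIdentifier").getTextContent());
        System.out.println("Method:  " + first(a, SAML, "AuthenticationStatement").getAttribute("AuthenticationMethod"));
        // Presence check only; this does not verify a signature.
        System.out.println("Signed:  " + (first(a, DSIG, "Signature") != null));
        System.out.println("Valid at 2008-01-16T11:30:00Z: " + withinValidity(a, Instant.parse("2008-01-16T11:30:00Z")));
        System.out.println("Valid now: " + withinValidity(a, Instant.now()));
    }
}
```

The validity window in the sample output spans one hour, so a token saved as text and replayed later fails the withinValidity check and a new login request is needed.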