Lasso & SourceID Interoperability
This directory contains a sample service provider and a sample identity provider to test with the SourceID Liberty 2.0 demo application.
The results of the tests are available at <http://lasso.entrouvert.org/interoperability>.
SourceID Project homepage: <http://www.sourceid.org>
Install
Before running the tests, you need to configure the SourceID Liberty 2.0 demo application:
::

    export JAVA_HOME=/opt/jdk
    export PATH=/opt/jdk/bin:$PATH

    # Generate SourceID SSL self-signed certificate in keystore.
    /opt/jdk/bin/keytool -genkey -alias tomcat -dname "cn=*, o=Entrouvert, c=FR" -keyalg RSA -keysize 2048 -keystore sourceid-souk.keystore
    /opt/jdk/bin/keytool -selfcert -alias tomcat -keystore sourceid-souk.keystore

    # Add sp2 SSL self-signed certificate to SourceID keystore.
    /opt/jdk/bin/keytool -import -alias sp2-ssl-self-signed -file ../../tests/data/sp2-ssl/self-signed-certificate.pem -keystore sourceid-souk.keystore

    # Add ca2 SSL certificate to SourceID keystore.
    /opt/jdk/bin/keytool -import -alias ca2-ssl -file ../../tests/data/ca2-ssl/certificate.pem -keystore sourceid-souk.keystore
    /opt/jdk/bin/keytool -import -alias ca2-la -file ../../tests/data/ca2-la/certificate.pem -keystore sourceid-souk.keystore

    # Add sp2 LA Liberty Alliance key chain to SourceID keystore.
    /opt/jdk/bin/keytool -import -alias sp2-la -file ../../tests/data/sp2-la/certificate.pem -keystore sourceid-souk.keystore
    /opt/jdk/bin/keytool -import -alias ca2-la -file ../../tests/data/ca2-la/certificate.pem -keystore sourceid-souk.keystore

    # Extract SourceID Liberty Alliance certificate from keystore.
    /opt/jdk/bin/keytool -export -rfc -alias sourceid -file sourceid-certificate.pem -keystore sourceid-souk.keystore

    # Extract SourceID SSL certificate from keystore.
    /opt/jdk/bin/keytool -export -rfc -alias tomcat -file tomcat-certificate.pem -keystore sourceid-sp2.keystore

    # Add the following code to jboss-3.2.5/server/default/deploy/jbossweb-tomcat50.sar/server.xml
    <Connector port="8443" address="${jboss.bind.address}"
        maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
        scheme="https" secure="true" clientAuth="false"
        keystoreFile="${jboss.server.home.dir}/conf/sourceid-souk.keystore"
        keystorePass="changeit"
        truststoreFile="${jboss.server.home.dir}/conf/sourceid-souk.keystore"
        truststorePass="changeit"
        sslProtocol="TLS"/>

    # Add the sp metadata to jboss-3.2.5/server/default/conf/sourceid-provider-directory.xml.
    # Don't forget to add the md prefix and to compute the sourceID attribute using tools.py.

    # Add idp2 SSL self-signed certificate to SourceID keystore.
    /opt/jdk/bin/keytool -import -alias idp2-ssl-self-signed -file ../../tests/data/idp2-ssl/self-signed-certificate.pem -keystore sourceid-souk.keystore

    # Add idp2 LA Liberty Alliance key chain to SourceID keystore.
    /opt/jdk/bin/keytool -import -alias idp2-la -file ../../tests/data/idp2-la/certificate.pem -keystore sourceid-souk.keystore
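
To confirm the imports above landed as intended, the following added example (not part of the Lasso or SourceID distributions) checks ``keytool -list`` output against the aliases this README creates and flags any that are missing, of the wrong entry type, or unexpected. The ``KEYSTORE`` variable, the function names and the sample listing are constructed for illustration, and the ``sourceid`` alias is assumed to already be in the keystore because the README only exports it.

```shell
# Added example, not from the Lasso or SourceID projects.
# alias:kind pairs from the keytool commands in this README
# (key = private key entry, cert = trusted certificate, any = not checked).
EXPECTED='tomcat:key sourceid:any sp2-ssl-self-signed:cert ca2-ssl:cert ca2-la:cert'
EXPECTED="$EXPECTED sp2-la:cert idp2-ssl-self-signed:cert idp2-la:cert"

# Reads `keytool -list` output on stdin and prints one line per problem.
# Returns 0 when the listing matches EXPECTED exactly, 1 otherwise.
check_keystore_listing() {
    awk -v expected="$EXPECTED" '
    BEGIN {
        n = split(expected, rows, " ")
        for (i = 1; i <= n; i++) { split(rows[i], kv, ":"); name[i] = kv[1]; want[kv[1]] = kv[2] }
    }
    # Entry lines look like: alias, date, EntryType, (the date may contain commas)
    /Entry, *$/ {
        line = $0; sub(/, *$/, "", line)
        m = split(line, f, /, */)
        seen[f[1]] = (f[m] == "trustedCertEntry") ? "cert" : "key"
        if (!(f[1] in want)) { print "UNEXPECTED " f[1]; bad = 1 }
    }
    END {
        for (i = 1; i <= n; i++) {
            a = name[i]
            if (!(a in seen)) { print "MISSING " a; bad = 1 }
            else if (want[a] != "any" && seen[a] != want[a]) {
                print "WRONG-TYPE " a " (" seen[a] ", expected " want[a] ")"; bad = 1
            }
        }
        exit bad + 0
    }'
}

# Constructed sample listing: idp2-la was never imported, old-test-ca is a stray entry.
sample_listing() {
    cat <<'EOF'
Your keystore contains 8 entries
tomcat, Jan 5, 2005, keyEntry,
Certificate fingerprint (MD5): (constructed sample, value omitted)
sourceid, Jan 5, 2005, keyEntry,
sp2-ssl-self-signed, Jan 5, 2005, trustedCertEntry,
ca2-ssl, Jan 5, 2005, trustedCertEntry,
ca2-la, Jan 5, 2005, trustedCertEntry,
sp2-la, Jan 5, 2005, trustedCertEntry,
idp2-ssl-self-signed, Jan 5, 2005, trustedCertEntry,
old-test-ca, Jan 5, 2005, trustedCertEntry,
EOF
}

# Hypothetical usage: KEYSTORE=sourceid-souk.keystore sh check-keystore.sh
if [ -n "${KEYSTORE:-}" ]; then keytool -list -keystore "$KEYSTORE" | check_keystore_listing; fi
```

Because the Connector uses this file as both ``keystoreFile`` and ``truststoreFile``, an unexpected certificate entry in it is also an unexpected trust anchor.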
Test
- Launch the SourceID Liberty 2.0 demo application::

    export JAVA_HOME=/opt/jdk
    export PATH=/opt/jdk/bin:$PATH
    cd jboss-3.2.5/bin
    ./run.sh

- In two different terminals, launch the Lasso-based service and identity providers::

    ./sp.py
    ./idp.py
