Scott Cantor cantor.2@osu.edu Welcome Contents Requirements Bugs Support Documentation Welcome to Internet2's OpenSAML OpenSAML is a partial implementation of the committee-specification of SAML 1.0 (http://www.oasis-open.org/committees/security/), mainly the parts needed to implement the Internet2 Shibboleth project. Java and C++ APIs are provided. Please review the terms described in the LICENSE file before using this code. It is similar to the Apache 1.1 license. Finally, be aware that RSA Security Inc. has asserted a patent claim against all implementations of SAML. Their proposed terms for licensing can be found at: http://www.oasis-open.org/committees/security/rsa-ipr-statement.shtml As a SAML toolkit, OpenSAML would be subject to this claim and would require a royalty-free license from RSA, which is not yet obtained. More at issue, any user of this library must also obtain a license from RSA to deploy an application that uses it. Internet2, UCAID, and the OpenSAML developers are not responsible for anyone's failure to do so. Now the good news: SAML products have been shipping for months, and RSA has yet to define any process for obtaining a license. We don't think anyone has much to worry about. Contents: OpenSAML can be obtained directly from anonymous CVS as described in http://www.opensaml.org/cvs.html A source distribution also exists for the C++ version and can be found at http://wayf.internet2.edu/shibboleth/ The CVS layout is as follows: README.txt (this file) INSTALL.txt (how to build/install) LICENSE.txt (source license) NEWS.txt (usual per-release news) java/ build.xml (Ant build file) src/ org/opensaml/ (OpenSAML source) schemas/ (XML schemas used) lib/ (required jar files) dist/ (OpenSAML binary) docs/ (JavaDocs, must be built, not in cvs) data/ (stuff for unit testing) tests/ (JUnit tests) c/ bootstrap (shell script to generate configure files) saml/ (OpenSAML C++ source) schemas/ (XML schemas used) The source distribution is a standard configure/make/install package with a prebuilt configure script and Makefiles. Requirements: Java (now 1.4 only) Building the Java code is supported on Sun's 1.4.1 JDK and may be possible with other Java compilers. There is a known issue with JDK 1.4 and some of the dependent jarfiles OpenSAML uses. The workaround for the issue is documented here: http://xml.apache.org/security/install.html Numerous XML and related Java class libraries are required, and are included in the package for the time being. Versions newer than those included may or may not work. C++ The INSTALL file contains great detail on how to build the C++ code and the complexity that lies on that road. The following is a list of the basic dependent libraries and minimum versions needed: gcc/g++ GNU compiler 3.0 http://www.gnu.org/software/gcc/ OpenSSL 0.9.6i/0.9.7 http://www.openssl.org/ libcurl 7.10.3 http://curl.haxx.se/libcurl/ libuuid from e2fsprogs http://sourceforge.net/projects/e2fsprogs/ Xerces-C 2.1 http://xml.apache.org/xerces-c/ log4cpp 0.3.4b http://wayf.internet2.edu/shibboleth/ libxml2 2.4.26 http://www.xmlsoft.org/ libxslt 1.0.22 http://www.xmlsoft.org/ xmlsec 0.0.10 http://www.aleksey.com/xmlsec/ Bugs: A bugzilla is now available at http://bugzilla.internet2.edu/ Support: A mailing list for users is available. Subscription instructions are provided at http://www.opensaml.org/index.html#mailing Support will likely be informal and ad hoc for the time being. The authors' focus is on completing Shibboleth. Most bugs are likely to affect that goal and will be addressed quickly, however, at least for now. Please do not e-mail the author directly. Use the mailing list. Documentation: Javadocs can be built using ant. There will hopefully be C++ docs via doxygen soon. There are no explicit samples yet, but there are test programs and higher level code in the Shibboleth codebase that would help a novice see what some of the classes do. An understanding of SAML also helps.