1 Reply Latest reply on Jun 4, 2012 12:05 PM by Anil Saldanha

    SP with multiple IDPs

    Todd Wilder Newbie

      I'm posting to make sure PicketLink does not offer this, and ask that it be added if it does not already exist.

      I have an SP and I want to use multiple IDPs with it. This is common for applications like SharePoint or Disqus, where you trust multiple IDPs (you need to identify a unique ID SAML assertion, normally the email address) and when a user needs to log in, they get to choose from multiple IDPs. The UI and the redirecting I can handle myself, but the trusting of multiple IDPs seems to be technically impossible at the moment because of the configuration below:

      <KeyProvider ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
          <Auth Key="KeyStoreURL" Value="/jbid_test_keystore.jks" />
          <Auth Key="KeyStorePass" Value="store123" />
          <Auth Key="SigningKeyPass" Value="test123" />
          <Auth Key="SigningKeyAlias" Value="servercert" />

          <ValidatingAlias Key="idp.example.com" Value="servercert" />
          <ValidatingAlias Key="localhost" Value="servercert" />
      </KeyProvider>

      I need to provide multiple certificates and ValidatingAliases, ideally database-driven instead of XML-file-driven.
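
Added example, not part of the original post and not PicketLink code: a small model of per-IDP trust built from the KeyProvider layout quoted above. It maps each IDP host to its own validating alias, fails closed on unknown issuers, and flags hosts that reuse the SP's signing alias or share an alias. The hosts, alias names, and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the post's KeyProvider layout with one ValidatingAlias
# per trusted IDP host. Hosts and alias names are made up.
SAMPLE_CONFIG = """
<KeyProvider ClassName="org.picketlink.identity.federation.core.impl.KeyStoreKeyManager">
  <Auth Key="KeyStoreURL" Value="/sp_keystore.jks" />
  <Auth Key="SigningKeyAlias" Value="sp-signing" />
  <ValidatingAlias Key="idp-a.example.com" Value="idp-a-cert" />
  <ValidatingAlias Key="idp-b.example.org" Value="idp-b-cert" />
</KeyProvider>
"""


def load_trust_map(config_xml):
    """Return {idp_host: keystore_alias} from the ValidatingAlias elements."""
    trust = {}
    for el in ET.fromstring(config_xml).iter("ValidatingAlias"):
        host, alias = el.get("Key", "").lower(), el.get("Value", "")
        if not host or not alias:
            raise ValueError("ValidatingAlias needs both Key and Value")
        if host in trust:
            raise ValueError(f"duplicate ValidatingAlias for {host}")
        trust[host] = alias
    return trust


def alias_for_issuer(trust, issuer):
    """Pick the validating alias for an assertion's Issuer URL; fail closed."""
    host = (urlparse(issuer).hostname or "").lower()
    if host not in trust:
        raise LookupError(f"untrusted issuer: {issuer!r}")
    return trust[host]


def audit(config_xml):
    """Flag IDP hosts validated with the SP signing alias or a shared alias."""
    root = ET.fromstring(config_xml)
    signing = next((a.get("Value") for a in root.iter("Auth")
                    if a.get("Key") == "SigningKeyAlias"), None)
    findings, seen = [], {}
    for host, alias in load_trust_map(config_xml).items():
        if alias == signing:
            findings.append(f"{host}: validated with SP signing alias {alias}")
        if alias in seen:
            findings.append(f"{host}: shares alias {alias} with {seen[alias]}")
        seen.setdefault(alias, host)
    return findings
```

When two IDP hosts resolve to the same alias, an assertion signed by either one validates for both, which is why the audit reports shared aliases.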