completed support for SourceID IDP, not tested yet

conf-sso/idp/idp-descriptor.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0"?>
+
+<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12" 
+                   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                   xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
+
+  <lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
+                     xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <lib:ProviderID>Venice-SSO-IDP</lib:ProviderID>
+
+    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIIDMDCCAu4CBD7vnjgwCwYHKoZIzjgEAwUAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwHhcNMDMwNjE3MjMwMzIwWhcNMDMwOTE1MjMwMzIwWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ08xDzANBgNVBAcTBkRlbnZlcjEjMCEGA1UEChMaU2lsdmVyd3Jpc3QgRGVzaWduIFN0dWRpb3MxFDASBgNVBAsTC0RldmVsb3BtZW50MRYwFAYDVQQDEw1FcmljIEJvd2Vyc294MIIBtzCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYQAAoGAPY0omT9Qes0rZe0C21MetHeTwen3Er5lFgAPWMUgHkLBhdViPfnRtjtCXiiVZ/n85/Hc6yGNDkNvYVsD5CX8mo72vsXXHg5wdyMiFlHZuZFE57bE/4YDg1dtqQ3BE9NHUlxuinbdgJd8mY5uNpy69/9jrbvr5oo1p6ZMdLU3iiowCwYHKoZIzjgEAwUAAy8AMCwCFF5opeaoKbAijQc87yHBHHlONllfAhRqDQFmDitlQJ61lecv/2/tuaxIPw==</ds:X509Certificate>
+      </ds:X509Data>
+     </ds:KeyInfo>
+
+     <lib:SoapEndpoint>http://localhost:8080/venice-idp/sso/soap/endpoint</lib:SoapEndpoint>
+     <lib:SingleLogoutServiceURL>http://localhost:8080/venice-idp/sso/logout</lib:SingleLogoutServiceURL>
+     <lib:SingleLogoutServiceReturnURL>http://localhost:8080/venice-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
+     <lib:FederationTerminationServiceURL>http://localhost:8080/venice-idp/sso/fedterm</lib:FederationTerminationServiceURL>
+     <lib:FederationTerminationServiceReturnURL>http://localhost:8080/venice-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
+     <lib:SingleSignOnServiceURL>http://localhost:8080/venice-idp/sso/authn</lib:SingleSignOnServiceURL>
+     <!--
+       The following profile declarations indicate the variants of the Liberty Protocol which 
+       this provider can speak.
+     -->
+     <lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
+     <lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
+     <lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
+     <lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
+     <lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
+     <lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
+     <lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
+     <lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
+     <lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
+
+  </lib:IDPDescriptor>
+
+</ProviderDirectory>

conf-sso/idp/sourceid-sso.xml

@@ -17,7 +17,7 @@
   <provider-directory>/WEB-INF/sourceid-sso-providers.xml</provider-directory>
 	
   <exception-handlers>
-    <default>/defaultExceptionHandler.jsp</default>
+    <default>/sourceid/errorHandler.js.vs</default>
   </exception-handlers>
 	
   <signing-key>
@@ -27,11 +27,11 @@
     <key-password>strongbad</key-password>
   </signing-key>
 
-  <idp-authentication-uri>TODO</idp-authentication-uri>
-  <idp-authn-lifespan>1800</idp-authn-lifespan>
-  <idp-logout-render-page>TODO</idp-logout-render-page>
-  <idp-logout-done-image>TODO</idp-logout-done-image>
-  <idp-post-assertion-render-page>TODO</idp-post-assertion-render-page>
+  <idp-authentication-uri>/sourceid/idp_login.js.vs</idp-authentication-uri>
+  <idp-authn-lifespan>3599</idp-authn-lifespan>
+  <idp-logout-render-page>/sourceid/logout_render.js.vs</idp-logout-render-page>
+  <idp-logout-done-image>/images/check32x32.gif</idp-logout-done-image>
+  <idp-post-assertion-render-page>/sourceid/post_assertion.js.vs</idp-post-assertion-render-page>
 
   <!--
     Here, you may optionally specify a Session-context attribute which SourceID-SSO should remove whenever