X.509

Using the Java Client SDK

Ping Identity provides the Java Client SDK to allow web service applications (client or provider) to interact with the PingFederate Security Token Service (STS).

The Java Client SDK provides functionality for sending a security token to the PingFederate STS for exchange with a returned SAML token, which can then be used to access web services across domains.

Download the Java Client SDK .zip archive from the Add-ons tab of the PingFederate downloads page. The .zip archive includes documentation in the apidocs/index.html file.

Java Client SDK sample code

The following code example shows how to send a token and request the exchange. Refer to the SDK documentation for modifications that apply to your site.

The code snippet below demonstrates using the PingFederate Java Client SDK to send an X.509 token to the PingFederate STS:

// Example method for obtaining the X.509 token
// You will need to implement this for your environment
X500PrivateCredential credential = getCredentialFromKeystore();

// Configure STS Client (IdP side / SP Connection)
STSClientConfiguration stsConfiguration = new STSClientConfiguration();
stsConfiguration.setAppliesTo("http://sp.domain.com");
stsConfiguration.setStsEndpoint("https://idp.domain.com:9031/idp/sts.wst");
stsConfiguration.setInTokenType(STSClientConfiguration.TokenType.X509);

// Instantiate the STSClient
STSClient stsClient = new STSClient(stsConfiguration);

// Send an RST Issue request to PingFederate STS
Element samlToken = stsClient.issueToken(credential);