使用OpenSAML v3從IDP元數據創建憑證對象

Question

我想驗證從SSO Sircle（IDP）取回的SAML響應。爲了做到這一點，我使用SSO圈（https://idp.ssocircle.com/idp-meta.xml），以便與IDP的公共密鑰創建憑據對象提供的IDP元數據如下：

FilesystemMetadataResolver idpMetadataResolver = new FilesystemMetadataResolver(new File("C:\\idp_metadata.xml")); 
    idpMetadataResolver.setRequireValidMetadata(true); 
    idpMetadataResolver.setParserPool(new BasicParserPool()); 
    idpMetadataResolver.initialize(); 

    MetadataCredentialResolver credentialResolver = new MetadataCredentialResolver(); 

    credentialResolver.setRoleDescriptorResolver(new BasicRoleDescriptorResolver(idpMetadataResolver)); 

    CriteriaSet criteriaSet = new CriteriaSet(); 
    criteriaSet.add(new EntityIdCriterion("https://idp.ssocircle.com")); 
    criteriaSet.add(new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME)); 

    X509Credential credential = (X509Credential)credentialResolver.resolveSingle(criteriaSet); 

然而，這種努力的時候拋出一個異常初始化idpMetadataResolver：

net.shibboleth.utilities.java.support.component.ComponentInitializationException: Component identifier can not be null 
at net.shibboleth.utilities.java.support.component.AbstractIdentifiedInitializableComponent.doInitialize(AbstractIdentifiedInitializableComponent.java:65) 
at org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver.doInitialize(AbstractMetadataResolver.java:188) 
at net.shibboleth.utilities.java.support.component.AbstractInitializableComponent.initialize(AbstractInitializableComponent.java:61) 

我很新的OpenSAML，我一直主要看例子和在線教程，但他們大多是爲OpenSAML V2.0編寫的。我想知道如果我在初始化對象時做錯了什麼。

Answer 1

在對OpenSAML 3 Java文檔和Shibboleth dev社區進行了一些挖掘後，我想我找到了一個對我的問題的答案。元數據解析器對象需要設置如下：

FilesystemMetadataResolver idpMetadataResolver = new FilesystemMetadataResolver(new File("C:\\idp.xml")); 
    idpMetadataResolver.setRequireValidMetadata(true); 
    idpMetadataResolver.setParserPool(XMLObjectProviderRegistrySupport.getParserPool()); 
    idpMetadataResolver.setId("someidentifier"); 
    idpMetadataResolver.initialize();