
Export SAML web service provider metadata using wsadmin.sh

Use the wsadmin command-line utility to export the SAML trust association interceptor (TAI) service provider metadata to a file.


Tasks

  1. Start the WebSphere Application Server (WAS) application servers.

  2. Start the wsadmin command utility from the app_server_root/bin directory by entering the command: wsadmin -lang jython.

  3. At the wsadmin prompt, enter:
    AdminTask.exportSAMLSpMetadata('-spMetadataFileName /tmp/spdata.xml -ssoId 1')
    

    Use the following parameters with this command:

    Parameter               Description
    -ssoId                  Identifier for the group of custom properties associated with the SSO service provider partner. Optional if there is only one SSO service provider partner; required if there is more than one. Integer.
    -securityDomainName     Name of the security domain of interest. If not specified, the command uses the global security configuration. String.
    -spMetadataFileName     Required. The fully qualified file name for the SAML service provider metadata. String.
    -wantAssertionsSigned   Optional. Specify true if SAML assertions must be signed. Boolean.
    -encryptionMethod       Optional. Specifies the encryption method. The default is http://www.w3.org/2001/04/xmlenc#rsa-1_5. String.

The SAML TAI service provider metadata is now exported to the specified file.


Example

The following example exports the SAML service provider metadata of SSO partner 1 from the global security SAML TAI configuration:

AdminTask.exportSAMLSpMetadata('-spMetadataFileName /tmp/mySPmetadata.xml -ssoId 1')

The following example exports the SAML service provider metadata of SSO service provider partner 1 from the security domain myDomain1:

AdminTask.exportSAMLSpMetadata('-spMetadataFileName /tmp/mySPmetadata.xml -ssoId 1 -securityDomainName myDomain1')
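
A check that can be run on the exported file before it is handed to the identity provider, added here as an example and not part of the original page or of IBM's tooling. It reports whether WantAssertionsSigned is set, which key-transport algorithm is advertised (the default shown above, rsa-1_5, uses PKCS#1 v1.5 padding, which has a history of padding-oracle weaknesses), and whether the assertion consumer endpoints use HTTPS. It assumes the export uses the standard SAML 2.0 metadata elements; the sample document and the name review_sp_metadata are constructed for illustration, and the script runs in ordinary Python 3 outside wsadmin.

```python
import sys
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
RSA_1_5 = "http://www.w3.org/2001/04/xmlenc#rsa-1_5"

# Constructed sample shaped like SAML 2.0 SP metadata; not real WebSphere output.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.test/samlsps/app">
  <md:SPSSODescriptor WantAssertionsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="encryption">
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    </md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://sp.example.test/samlsps/app"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def review_sp_metadata(xml_data):
    """Return (summary, findings) for one exported SP metadata document."""
    root = ET.fromstring(xml_data)
    # iter() includes the root, so a bare or wrapped EntityDescriptor both work.
    entity = next(root.iter(MD + "EntityDescriptor"), None)
    sp = entity.find(MD + "SPSSODescriptor") if entity is not None else None
    if sp is None:
        raise ValueError("no SPSSODescriptor: not service provider metadata")
    summary = {
        "entityID": entity.get("entityID"),
        # The SAML metadata schema treats a missing attribute as false.
        "wantAssertionsSigned": sp.get("WantAssertionsSigned", "false").lower() in ("true", "1"),
        "encryptionMethods": [e.get("Algorithm") for e in sp.iter(MD + "EncryptionMethod")],
        "acsLocations": [a.get("Location", "") for a in sp.findall(MD + "AssertionConsumerService")],
    }
    findings = []
    if not summary["wantAssertionsSigned"]:
        findings.append("WantAssertionsSigned is not true")
    if RSA_1_5 in summary["encryptionMethods"]:
        findings.append("key transport is rsa-1_5 (PKCS#1 v1.5 padding)")
    for loc in summary["acsLocations"]:
        if not loc.lower().startswith("https://"):
            findings.append("ACS endpoint is not HTTPS: " + loc)
    return summary, findings

if __name__ == "__main__":
    # Pass the exported file path as the first argument; otherwise use the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    summary, findings = review_sp_metadata(data)
    print(summary)
    print("\n".join("REVIEW: " + f for f in findings))
```
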