Skip to content

SAML libraries

Jump to bottom
Alberto edited this page Jan 13, 2016 · 9 revisions

HC3SA (HC3 Security Agent)

  • WiFIS messages sent to i-SISS.cat central platform must meet specific security requirements and incorporate a SAML header as described in TicSalut.
  • The Departament de Salut (Generalitat of Catalonia) provides HC3 Security Agent (Java and .NET libraries) to generate the required SAML header.

Download files

Download the HC3SA_java.zip file available as external download in the latest released version of WiFIS Easy Connect.

Included files in the zip:

Directory File(s) Description
/cert test.\* Security certificates generated only for testing purposes.
THESE CERTIFICATES ARE NOT VALID FOR LIVE ENVIRONMENT!
/config hccsa.properties Configuration file from HC3SA library (see [TicSalut] (http://www.ticsalut.cat/projectes/i-siss-cat/documents/8/document-on-sexplica-la-connectivitat-amb-i-sisscat)).
parameters.properties File containing the attributes that will be included into SAML header (see [TicSalut] (http://www.ticsalut.cat/projectes/i-siss-cat/documents/8/document-on-sexplica-la-connectivitat-amb-i-sisscat)).
/lib \*.jar Needed Libraries for HC3SA execution.
/ hc3saSamlProxy.jar Proxy to HC3SA libraries that will be used by Ensemble to generate SAML header.
run.bat
run.sh 		Script to run a simple test using hc3saSamlProxy.jar
run.bat for Windows and run.sh for Unix

Java Development Kit

  • Java Development Kit version 8 must be installed on the Ensemble server.
  • Tests were performed with jdk1.8.0_65.

Simple Test Execution

Run included simple script to check that library works correctly on the server before linking with Ensemble:

  1. Edit the file run.bat or run.sh and modify the section CONFIG to set correct paths.
  2. Edit configuration files hccsa.properties and parameters.properties as needed.
  3. Execute run.bat or run.sh and check that SAML header is generated correctly.
  4. The execution of the test generates the file classpath.txt which content can be used as CLASSPATH value when configuring Java Gateway in Ensemble.

Link libraries with Ensemble

Java Gateway

  • To invoke Java libraries from Ensemble it is necessary to have a Java Gateway service, you can start it manually or through an Ensemble service.
  • Open test production WiFIS.V201.Test.ProdSAML and configure the service JavaGateway:
Setting Description
Port port for communications between Java Gateway and Java classes. It must be an available port in the server (by default 55555)
JavaHome path of JDK in the server
Classpath path to the needed external libraries (view classpath.txt generated after running run.bat)
Log File path to the file that will save the log of this service

Import JAR into Ensemble:

  • Studio > Tools > Complements > Java Gateway Wizard.
    Use the same port and classpath as in JavaGateway.


  • Classes hc3sa.saml.ProxyHC3SAML, java.*, javax.* will be generated after importing jar.

This package is an add-on for InterSystems Ensemble and does not form part of the official release. InterSystems standard technical assistance will not attend issues related with this package.

Clone this wiki locally