To Use the com.sun.identity.sae.api

1. Initialize an instance of com.sun.identity.sae.api.SecureAttrs using the:

   SecureAttrs.init(String instance-name, String type, Properties properties) method.

   Be sure to add values for SAE_CONFIG_DATA_ENCRYPTION_ALG and SAE_CONFIG_ENCRYPTION_KEY_STRENGTH to Properties.

2. To encrypt the data, call the:

   saInstance.getEncodedString(Map attrs, String secret, String encSecret) method. If encSecret is null, the data is not encrypted. This is the same as calling:

   saInstance.getEncodedString(Map attrs, String secret)

3. To decrypt the data, call the:

   saInstance.verifyEncodedString(String str, String secret, String encSecret) method. If encSecret is null (or the data is not encrypted), decryption is not done. This would be equal to calling the saInstance.verifyEncodedString(String str, String secret) method.

See the OpenSSO Java API Reference for specifics on the parameters. This Javadoc can be found in the docs directory of the exploded opensso.war. Sample code can be found in the saeIDPApp.jsp and saeSPApp.jsp files included with the Secure Attribute Exchange sample. Be sure to include the SAE class files in your web application; they are included in Client SDK jars.