How to add KeyInfo & X509Data under the Signature in SAML 2.0 using Java
I am new to SAML. To build the SAML per the requirement, I need to add KeyInfo and X509 certificate nodes, including the client's public cert. I have used the code below to generate the Signature element, but I don't know how to add KeyInfo & X509Data inside the Signature. Any help on this?

    import java.security.KeyStore;
    import java.security.PrivateKey;
    import org.opensaml.xml.Configuration;
    import org.opensaml.xml.security.x509.BasicX509Credential;
    import org.opensaml.xml.signature.Signature;
    import org.opensaml.xml.signature.SignatureConstants;

    BasicX509Credential signingCredential = new BasicX509Credential();
    // Namespace namespaceSAML = new Namespace("http://www.w3.org/2000/09/xmldsig#", "ds");
    // getKeyStore(...) and getPrivateKey(...) are helper methods not shown here
    KeyStore keyStore = getKeyStore(signingKeystorePath, signingKeystorePassword);
    PrivateKey privateKey = getPrivateKey(keyStore, signingKeyAlias, signingKeystorePassword);
    signingCredential.setPrivateKey(privateKey);
    signature = (Signature) Configuration.getBuilderFactory()
            .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
            .buildObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(signingCredential);
    signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
    signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);

If you want less code, there is a helper class for signatures that does this.
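
    import org.opensaml.xml.Configuration;
    import org.opensaml.xml.security.SecurityHelper;
    import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;

    // Choose which parts of the credential are written into ds:KeyInfo
    X509KeyInfoGeneratorFactory x509Factory = new X509KeyInfoGeneratorFactory();
    x509Factory.setEmitEntityCertificate(true);
    x509Factory.setEmitEntityCertificateChain(true);
    x509Factory.setEmitX509IssuerSerial(true);
    x509Factory.setEmitX509SubjectName(true);
    // Register the factory under a name, then refer to it by that name
    Configuration.getGlobalSecurityConfiguration().getKeyInfoGeneratorManager()
            .registerFactory("x509emitingkeyinfogenerator", x509Factory);
    SecurityHelper.prepareSignatureParams(signature, SPCredentials.getCredential(), null,
            "x509emitingkeyinfogenerator");
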
This sets the KeyInfo, signing algorithms etc. Use the setEmit methods on the factory to set what should be added to the KeyInfo.
For more information, read my blog post on it. I also wrote a book on OpenSAML where I explain the signing and encryption functions and more in detail.