GridCertLib is a Java library providing services to create a SLCS/X.509 certificate and a Grid proxy (optionally VOMS-enabled), given the SAML2 assertion resulting from a Shibboleth2 authentication.

The library comes with some example servlets (cf. package ch.swing.gridcertlib.servlet) that provide sample code to use the GridCertLib features in a Java web services environment.

The main use case envisioned for GridCertLib is to provide seamless and secure access to Grid/X.509 certificates and proxies in web portals: when a user logs in to the portal using the regular SWITCHaai Shibboleth authentication, GridCertLib can automatically obtain a Grid X.509 certificate from the SLCS service and generate a VOMS proxy from it. What is more, all of this can happen without further interaction with the user.

The most complete description of GridCertLib's architecture and usage is given in arXiv paper 1101.4116.

Feel free to write us for any information or feedback!