Shibboleth Identity Provider Hazelcast Storage Service

This package provides a storage service implementation for the Shibboleth IdP (v4.1 or later) that is based on Hazelcast v4 [ ]. The service is deployed as a Shibboleth Plugin (see [ ])

System Requirements

  • Shibboleth IdP v4.1

Getting started

  1. Download the distribution from [ TBD ]. Download either the .tar.gz or .zip file and the associated GPG signature file (the .asc file).
  2. Install the plugin following instructions at - [ ]
  3. Add storage service bean to global.xml. For example:
<bean id="hazelcast" class="com.hazelcast.core.Hazelcast" factory-method="newHazelcastInstance">
    <constructor-arg name="config">
        <bean class="com.hazelcast.config.Config">
            <property name="properties">
                    <prop key="hazelcast.logging.type">slf4j</prop>
                    <prop key="">5</prop>
            <property name="networkConfig">
                <bean class="com.hazelcast.config.NetworkConfig">
                    <property name="port" value="5701"/>
                    <property name="portAutoIncrement" value="true"/>
                    <property name="join" ref="tcpIpHazelcastJoinConfig"/>

<bean id="tcpIpHazelcastJoinConfig" class="com.hazelcast.config.JoinConfig">
    <property name="multicastConfig">
        <bean class="com.hazelcast.config.MulticastConfig">
            <property name="enabled" value="false"/>
    <property name="tcpIpConfig">
        <bean class="com.hazelcast.config.TcpIpConfig">
            <property name="enabled" value="true"/>
            <property name="members" value="%{hz.cluster.members:localhost}"/>

<bean id="my.HazelcastStorageService"
    <constructor-arg name="hazelcastInstance" ref="hazelcast" />

<bean id="my.StorageService.cas"
    <constructor-arg value="cas" />
    <constructor-arg ref="hazelcast" />

<bean id="my.StorageService.idpSession"
    <constructor-arg value="session" />
    <constructor-arg ref="hazelcast" />

Note that you can configure the HazelcastInstance in the Spring configuration file or use one of the other configuration methods.

The above configuration shows two ways of using Hazelcast:

  1. my.HazelcastStorageService will dynamically create maps based upon the name of the context.
  2. my.StorageService.cas and my.StorageService.idpSession creates the maps named in the first constructor-arg. This allows for finer, explicit control of the Hazelcast maps.

For more information about configuring Hazelcast, see

In, set each of the storage services you want to use Hazelcast to one of the configured Hazelcast stores:

  • idp.session.StorageService
  • idp.cas.StorageService
  • idp.consent.StorageService
  • idp.replayCache.StorageService
  • idp.artifact.StorageService


Licensed under the terms of the Apache License, v2. Please see LICENSE or for more information.

Included libraries and dependency tree

    \--- com.hazelcast:hazelcast-all:4.2.2


This library was developed in cooperation with:

  • Portland State University
  • Unicon Open Source Support Subscribers