ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Diskin <mark.dis...@gmail.com>
Subject Re: How to get authn and contents attribute statements
Date Thu, 08 Mar 2012 13:50:41 GMT
Thanks - was able to get this to work. It might be a helpful utility class to have something
that walks the result with a callback so all of this casting/looping is not coded over and
over again.
 
 
Also In debugging I added this and got a NPE (see below) since the privatekey onject is null.
Is a private key needed? I had use taken the public key from our ESB to be able to validate
the request. Maybe I’m miss understanding the to.String method intent.
 
log.debug("receivedAssertion ="+receivedAssertion.assertionToString());
 
 
08:13:01.265 [tomcat-http--5] DEBUG org.opensaml.xml.signature.Signer - Computing signature
over XMLSignature object
java.lang.NullPointerException
       at org.apache.xml.security.algorithms.implementations.SignatureBaseRSA.engineInitSign(SignatureBaseRSA.java:157)
       at org.apache.xml.security.algorithms.SignatureAlgorithm.initSign(SignatureAlgorithm.java:238)
       at org.apache.xml.security.signature.XMLSignature.sign(XMLSignature.java:591)
       at org.opensaml.xml.signature.Signer.signObject(Signer.java:76)
       at org.apache.ws.security.saml.ext.OpenSAMLUtil.toDom(OpenSAMLUtil.java:132)
       at org.apache.ws.security.saml.ext.AssertionWrapper.toDOM(AssertionWrapper.java:287)
       at org.apache.ws.security.saml.ext.AssertionWrapper.assertionToString(AssertionWrapper.java:297)
 

Mark

On Mar 8, 2012, at 4:43 AM, Colm O hEigeartaigh <coheigea@apache.org> wrote:

> You could either write a custom validator or get the Assertion from
> the result objects, e.g.:
> 
> http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?view=markup
> 
> List<WSSecurityEngineResult> results = verify(unsignedDoc);
>        WSSecurityEngineResult actionResult =
>            WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
>        AssertionWrapper receivedAssertion =
>            (AssertionWrapper)
> actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
> 
> Colm.
> 
> On Thu, Mar 8, 2012 at 4:01 AM, Mark Diskin <mark.diskin@gmail.com> wrote:
>> 
>>> I'm able to send both and see from the debugging the validation of the message.
I'm not too sure where I can get the contents of the attribute values. Do I have to pick them
out in a custom validator or is in the result objects. I see examples for building a client
but not ones for the server.
>>> 
>>> I'm on the 1.6.5 version and this is the last piece so I can add saml2 support
on the spring-ws code by implementing my own security filter behind our service bus.
>>> 
>>> Thanks
>>> 
>>> Mark
> 
> 
> 
> -- 
> Colm O hEigeartaigh
> 
> Talend Community Coder
> http://coders.talend.com

Mime
View raw message