OpenSAML user discussion

[Kamlesh Patel <>]

Title: Message

I am creating an AuthenticationStatement and a AttributeStatement.

I create a Assertion from these two statements.

 

What I observer is that "Subject" is always missing from the first statement that is added to the collection of statements for Assertion.

According to the SAML Schema both statements are suppose to have "subject".

 

Hence when I try to read that same assertion back I get a failure.

 

Is this a bug or am I doing something wrong.

 

I can send out a code snippet if required.

 

Thanks,

Kamlesh

 

Error in parsing SAML Assertion Token:

<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" AssertionID="c7c7db89013c378bf36ab150c8e0c318" IssueInstant="2003-07-14T23:21:40Z" Issuer="https://www.bea.com" MajorVersion="1" MinorVersion="1"><Conditions NotBefore="2003-07-14T23:21:38Z" NotOnOrAfter="2003-07-14T23:24:38Z"></Conditions>

 

<AttributeStatement><Attribute xmlns:typens="http://www.xyz.com/security" AttributeName="Group" AttributeNamespace="http://www.xyz.com/security"><AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="typens:Group">Admin</AttributeValue><AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="typens:Group">Mananger</AttributeValue></Attribute></AttributeStatement>

 

<AuthenticationStatement AuthenticationInstant="2003-07-14T23:21:39Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"><Subject><NameIdentifier>testUser</NameIdentifier></Subject></AuthenticationStatement>

 

</Assertion>

org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content starting with element 'Attribute'. One of '{"urn:oasis:names:tc:SAML:1.0:assertion":Subject}' is expected.