OpenSAML user discussion

[Markus Lorch <>]

Hi Scott,

I have developed a new ObligatedAuthorizationDecisionStatement that is 
an extension of the standard AuthorizationDecisionStatement and includes
one more element called "XACMLObligation".

I extended the Java classes to create that statement and can package it
in a response on the service side.

My client is written in C/C++. So I've been trying to extend the 
OpenSAML C++ implementation to parse the response with the new statement.

I've extended the XSD and the parser runs through the received XML
fine but then SAMLStatement fails to locate the implementation of
ObligatedAuthorizationDecisionStatement.

I looked how SAMLAuthorizationDecisionStatement is registered and tried
to do the same thing but I must be missing something. I added the items 
listed below to the respecive files. Make etc. compiles the new 
statement fine.

Can you point me to what I am missing

Thanks

Markus

--------------------------
Markus Lorch
Department of Computer Science
Virginia Tech


SAMLStatement::getInstance
receives NULL on:
type=auto_ptr<saml::QName>(saml::QName::getQNameAttribute(e,XML::XSI_NS,L(type)));
but then creates the QName via
type=auto_ptr<saml::QName>(new 
saml::QName(e->getNamespaceURI(),e->getLocalName()));

the new QName )passed to the SAMLStatemntFactoryMap holds:
  localname: ObligatedAuthorizationDecisionStatement
  namespace: urn:oasis:names:tc:SAML:1.0:assertion

(I purposely used the SAML namespace for startes to make it simpler>



saml/SAMLConfig.cpp:

extern "C" SAMLStatement* 
ObligatedAuthorizationDecisionStatementFactory(DOMElement *e) {
 return new ObligatedAuthorizationDecisionStatement(e);
}
...
QName s7(XML::SAML_NS,L(ObligatedAuthorizationDecisionStatementType));
QName s8(XML::SAML_NS,L(ObligatedAuthorizationDecisionStatement)); 
SAMLStatement::regFactory(s7,&ObligatedAuthorizationDecisionStatementFactory);
SAMLStatement::regFactory(s8,&ObligatedAuthorizationDecisionStatementFactory)


saml/XML.cpp:

const XMLCh XML::Literals::ObligatedAuthorizationDecisionStatement[]=
...
const XMLCh XML::Literals::ObligatedAuthorizationDecisionStatementType[]=
...

saml/saml.h:

static const XMLCh ObligatedAuthorizationDecisionStatement[];
static const XMLCh ObligatedAuthorizationDecisionStatementType[];

class SAML_EXPORTS ObligatedAuthorizationDecisionStatement : public 
SAMLSubjectStatement
....
(Ideally I want this to inerhit from SAMLAuthorizationDecisionStatement 
but for starters it is "exactly" the same as 
SAMLAuthorizationDecisionStatemt - just the name changed)


Response with statement looks like this:

<Response .....
<Assertion ...
<ObligatedAuthorizationDecisionStatement Decision="Permit" 
Resource="gram://xxx.xxx.xxx/" 
xmlns="urn:oasis:names:tc:SAML:1.0:assertion">
...