OpenSAML user discussion

[(Rami Jaamour)]

I have two questions:

1. Any known issues when creating a SAMLAssertion from a DOM? When I 
create one using the sample saml assertion which ships with OpenSAML, 
then after the call

Element element = (Element) assertion.toDOM(doc);

where doc is a SOAP Envelope (this is actually inside WSS4J), if I 
serialize the DOM I get broken XML. The SOAP Envelope and ds namespaces 
become empty and some attribute values are messed up, for example 
MinorVersion="
  "
If, however, I clone the node before feeding it to SAMLAssertion 
constructor, I do not get this problem. Anyway to avoid cloning? what 
could be happening here and why is cloning solving this problem?

2. The IssuerInstant is created in GMT, the OASIS (SAML) V1.1 Standard, 
2 September 2003 document states that it should be in UTC. See lines 410 
and 220 (pg 7) in the spec. Perhaps org.opensaml.SAMLAssertion line 288 
should be modified to:

formatter.setTimeZone(TimeZone.getTimeZone("GMT"));

Thank you,

--

Rami Jaamour
Software Engineer
Web Services Solutions
Parasoft Corporation

"We Make Software Work"