mace-opensaml-users - RE: signed assertions in <Evidence> in <AuthorizationDecisionStatement>
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: "'Giandomenico Napolitano'" <>, <>
- Subject: RE: signed assertions in <Evidence> in <AuthorizationDecisionStatement>
- Date: Tue, 2 Aug 2005 22:43:54 -0400
- Organization: The Ohio State University
I mis-interpreted your programming error as corresponding to a bug I found
in the C++ code, but it's not in the Java code, so that isn't your problem
here.
Unfortunately, there's not a quick easy way to get the assertion moved over
without losing the signature. All you can really do to maintain the
signature is round trip the assertion back into XML with toString() and then
back into a fresh SAMLAssertion object. That will include the signature and
the new object won't be owned by anything (except your program).
You cannot under any circumstances add an object you don't own to another
object. Cloning would be the normal way to deal with this, but the Apache
library doesn't really give me a clean way to copy the signature. Probably
could do it with a bit of XML munging, just hadn't come up. So you have to
do it via XML to keep it intact.
I'll see if I can clone the signature when I have some time to try it, or
somebody else can give it a try and supply a patch.
-- Scott
- signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Giandomenico Napolitano, 08/02/2005
- RE: signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Scott Cantor, 08/02/2005
- RE: signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Scott Cantor, 08/02/2005
- Re: signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Giandomenico Napolitano, 08/03/2005
- RE: signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Scott Cantor, 08/03/2005
- Re: signed assertions in <Evidence> in <AuthorizationDecisionStatement>, Giandomenico Napolitano, 08/03/2005
Archive powered by MHonArc 2.6.16.