OpenSAML user discussion

["Cristian Opincaru" <>]

Hi,

When reconstructing a SAML Subject from DOM, the subject is invalid if does not have a Named Subject. However, the standards says that it must have at least one of NamedIdentifier, ConfirmationMethod. 

I fixed this (added the 2 lines in red in fromDOM), and attached the new file. Hope this helps!

-----
public void fromDOM(Element e) throws SAMLException {
        super.fromDOM(e);

        if (config.getBooleanProperty("org.opensaml.strict-dom-checking") && !XML.isElementNamed(e,
XML.SAML_NS,"Subject"))
            throw new MalformedException("SAMLSubject.fromDOM() requires saml:Subject at root");

        // Look for NameIdentifier.
        Element n = XML.getFirstChildElement
(e, XML.SAML_NS, "NameIdentifier");
        if (n != null) {
            nameId = (SAMLNameIdentifier)SAMLNameIdentifier.getInstance(n).setParent(this);
            n = XML.getNextSiblingElement(n);
        } else 
            n = XML.getFirstChildElement(e, XML.SAML_NS, "SubjectConfirmation");

        // Look for SubjectConfirmation.
        if (n != null && XML.isElementNamed(n, XML.SAML_NS, "SubjectConfirmation")) {
            // Iterate over ConfirmationMethods.
            Element n2 = 
XML.getFirstChildElement(n);
            while (n2 != null && XML.isElementNamed(n2, XML.SAML_NS, "ConfirmationMethod") && n2.hasChildNodes()) {
....
-----

Cheers,
Cristian

-- 
Cristian OPINCARU
University of the Federal Armed Forces Munich
http://www.unibw.de/cristian.opincaru

Attachment: SAMLSubject.java
Description: Binary data