Skip to Content.
Sympa Menu

mace-opensaml-users - XMLTooling - SignatureUnmarshaller

Subject: OpenSAML user discussion

List archive

XMLTooling - SignatureUnmarshaller

Chronological Thread 
  • From: Laurent CHARTIER <>
  • To:
  • Subject: XMLTooling - SignatureUnmarshaller
  • Date: Thu, 19 Apr 2007 15:02:51 +0200
  • Importance: Normal

When I unmarshall a response, it unmarshalls automatically the child
nodes. However, it seems that the unmarshalling of the signature isn't
I miss the <ds:reference> child.

Here is my code:

try {
} catch (ConfigurationException e) {

byte[] xmlBytes = null;
Element w3cResponse = null;
InputStream reponseSAMLInputStream = new ByteArrayInputStream(xmlBytes);
BasicParserPool parserPool = new BasicParserPool();
try {
Document doc = parserPool.parse(reponseSAMLInputStream);
w3cResponse = doc.getDocumentElement();
} catch (XMLParserException xmlParserException) {

Response response = null;
try {
Unmarshaller unmarshaller = new ResponseUnmarshaller();
response = (Response) unmarshaller.unmarshall(w3cResponse);
} catch (UnmarshallingException unmarshallingException) {

If I try to validate the signature of the response, it gives me a
"Unable to evaluate key against signature" because there's no references
in the signature of the response.
The debug log indicates []
[verifyReferences] verify 0 References

Here is the code of the validation method using the certificate of the

private boolean isValid(Signature signature, Certificate certificate) {
try {
BasicX509Credential credential = new

.setEntityCertificate(( certificate);
SignatureValidator validator = new
return true;
} catch (ValidationException validationException) {
return false;

Could you please help me finding where the problem is?
Thank you.

Ce message est prot?g? par les r?gles relatives au secret des
correspondances. Il est donc ?tabli ? destination exclusive de son
destinataire. Celui-ci peut donc contenir des informations confidentielles.
La divulgation de ces informations est ? ce titre rigoureusement interdite.
Si vous avez re?u ce message par erreur, merci de le renvoyer ? l'exp?diteur
dont l'adresse e-mail figure ci-dessus et de d?truire le message ainsi que
toute pi?ce jointe.

This message is protected by the secrecy of correspondence rules. Therefore,
this message is intended solely for the attention of the addressee. This
message may contain privileged or confidential information, as such the
disclosure of these informations is strictly forbidden. If, by mistake, you
have received this message, please return this message to the addressser
whose e-mail address is written above and destroy this message and all files

Archive powered by MHonArc 2.6.16.

Top of Page