OpenSAML user discussion

[Brent Putman <>]

The wiki example is a little out of date, we've had some API changes
since then.  I'll try and fix those soon.

Instead of suppling a signing key to a Signature, you now supply a
signing Credential which contains the signing key, via
Signature#setSigningCredential(Credential).  This was to make the
library API more consistent.

If you're not obtaining a signing Credential from a CredentialResolver,
you can just build a simple credential that wraps a symmetric key or key
pair with one of the utility methods in
org.opensaml.xml.security.SecurityHelper

Credential getSimpleCredential(PublicKey, PrivateKey)
Credential getSimpleCredential(SecretKey)

--Brent



Massimiliano Masi wrote:
> Hi all,
>
> I have a problem signing an assertion.
> I have the following code (I imported my public/private keys,
> respectively
> in PEM and DER format):
>
>    SignatureBuilder signatureBuilder = (SignatureBuilder)
> builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);
>             Signature assertionSignature =
> signatureBuilder.buildObject();
>
>             assertionSignature.getContentReferences().add(new
> SAMLObjectContentReference(assertion));
>
>
>
> Now, the guide
> (https://spaces.internet2.edu/display/SHIB/OSTwoUserManJavaDSIG)
> says:
>
> Add the key that will be used to sign with the
> Signature#setSigningKey(Key) method
>
> but the assertionSignature object does not have a setSigningKey().
>
>
> How can I add my pvt key to the Signature?
>
>
> Thank you,
>
>
>                Massimiliano
>
>
>
>
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>