OpenSAML user discussion

[Brent Putman <>]

Hi,
Well, you want to transport it as an element XACMLAuthzDecisionQuery.  
You don't transport it within a SAML 2 request, it *is* the SAML 
request.  The schema:

 <xs:element name="XACMLAuthzDecisionQuery" 
type="XACMLAuthzDecisionQueryType"/>

 <xs:complexType name="XACMLAuthzDecisionQueryType">
   <xs:complexContent>
     <xs:extension base="samlp:RequestAbstractType">  ...... 
</xs:complexType>


That type defines the content model for the element.

I haven't looked at Hakon's work in depth, but a quick look seems to 
indicate that it works the way the rest of opensaml was written.  You 
get a builder for the XACMLAuthzDecisionQuery element QName and that 
should be what you want.  Then marshall, serialize, etc exactly like any 
other provider.

What exactly are doing, and why do you think it's not working?


--Brent


Arlindo Luis Marcon Junior wrote:
> Hi Brent...
>
> Thanks fou your attention...
> I have worked with the API of the profile since some time ago...
> I think that Hakon and Yuri have made the API for the profile 
> SAML-XACML....
> with the support of the API,,, I created the 
> XACMLAuthzDecisionQueryType,,,
> so,,, now,,, I need transport this object... and the SAML 
> specification is the most appropriate place to put it,,,
> but,,, I don't know where and how...
>
>
> I will try follow your tips...
> Many Thanks...
>
> [/almjr\]
>
> Brent Putman escreveu:
> > The use of the classes mirrors that of the corresponding schema 
> > types:  RequestAbstractType is abstract in the SAML 2 schema, so the 
> > corresponding class in OpenSAML is also abstract, and so you can't 
> > instantiate it directly.  The XACMLAuthzDecisionQueryType schema type 
> > *extends* that type to create a new concrete type, so the proper 
> > thing to do is create a new concrete Java class that represents that 
> > XACML profile class and which extends the SAML 2 RequestAbstractType 
> > class.
> >
> > See the developer's manual here for more info on extending OpenSAML:
> > https://spaces.internet2.edu/display/OpenSAML/OSTwoDeveloperManual
> >
> > There were also some threads about this in the last 2 months or so, 
> > see the list archives.
> >
> > BTW, there is also some work to add XACML support to OpenSAML.  There 
> > is some work going on on a branch.  Someone else can perhaps comment 
> > on where that is in terms of progress, etc.
> >
> > --Brent
> >
> >
> > Arlindo Luis Marcon Junior wrote:
> > > Hi All...
> > >
> > > I am tried create an object of the type Request ( or 
> > > RequestAbstractType to SAML2 )...
> > > but I can't be able to do it...
> > > Someone had a simple sample about this,,,
> > > I tried follow the samples in the api,,, but without success...
> > >
> > > I tried create it to transport an object XACMLAuthzDecisionQueryType 
> > > ( Profile SAML-XACML )...
> > > Maybe,,, is this the correct place to put this object ( 
> > > XACMLAuthzDecisionQueryType )...
> > > the specification give-me a little idea about the use of 
> > > RequestAbstractType...
> > >
> > > Any help is welcome...
> > > Many thanks in advance
> > > ( sorry my poor english,,, please )