
mace-opensaml-users - Re: [OpenSAML] Reading signed metadata

Subject: OpenSAML user discussion

  • From: Chad La Joie <>
  • To:
  • Subject: Re: [OpenSAML] Reading signed metadata
  • Date: Tue, 22 Apr 2008 07:25:38 +0200
  • Openpgp: id=146B2514
  • Organization: SWITCH

As was reported on the list, and JIRA reflects, there was a bug where the signature on EntityDescriptors was not being properly unmarshalled. That was fixed in the 2.1.0 release. Please grab that release and try again.

Paolo Selvini wrote:
Hi,

I am making a pretty extensive use of metadata for my SAML2-enabled
application. All my metadata files contain KeyInfos with data about public
certificates to be used to verify signatures.
But, in addition, all my metadata files are themselves signed.

I would like to know if it is possible to access the signature of such metadata files
after reading them by means of the standard "providers" available in OpenSAML
2.
Currently I am using the following code to parse an EntityDescriptor into a
Java object:


    FileBackedHTTPMetadataProvider fbmd = new FileBackedHTTPMetadataProvider(
            url, cachePeriod, cacheLocation + "/" + metadataFilename + ".xml");
    fbmd.setParserPool(new BasicParserPool());
    fbmd.initialize();
    EntityDescriptor exml = (EntityDescriptor) fbmd.getMetadata();

but when I try to get the signature with

exml.getSignature()

I get a null value. Is this the right way to read metadata from a remote URL
and is there another way to get the metadata signature?

Thanks,
Paolo




--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
http://www.switch.ch
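
An added example, not part of the original thread and not OpenSAML's own code: with a release where `getSignature()` is populated (2.1.0 or later, per the reply above), the signature still has to be verified against a key obtained out of band, and a missing signature has to be treated as a failure. The class name `SignedMetadataCheck`, the method `loadVerified` and its parameters are assumptions made for illustration; the OpenSAML 2 classes used are `SAMLSignatureProfileValidator` and `SignatureValidator`.

```java
import java.security.cert.X509Certificate;

import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.metadata.provider.FileBackedHTTPMetadataProvider;
import org.opensaml.security.SAMLSignatureProfileValidator;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.SignableXMLObject;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.validation.ValidationException;

// Hypothetical helper class (assumption, not from the thread).
public final class SignedMetadataCheck {

    // Returns the metadata root only if it is signed by the pinned certificate.
    // trustedCert must come from local, out-of-band configuration.
    public static XMLObject loadVerified(String url, int requestTimeoutMs,
            String backupFile, X509Certificate trustedCert) throws Exception {
        DefaultBootstrap.bootstrap(); // registers the unmarshallers, Signature included

        BasicParserPool pool = new BasicParserPool();
        pool.setNamespaceAware(true);
        FileBackedHTTPMetadataProvider provider =
                new FileBackedHTTPMetadataProvider(url, requestTimeoutMs, backupFile);
        provider.setParserPool(pool);
        provider.initialize();

        // The root may be an EntityDescriptor or an EntitiesDescriptor; both are signable.
        SignableXMLObject root = (SignableXMLObject) provider.getMetadata();
        Signature signature = root.getSignature();
        if (signature == null) {
            // Fail closed: unsigned metadata, or a release with the unmarshalling bug.
            throw new ValidationException("Metadata carries no signature");
        }

        // Structural checks required by the SAML signature profile.
        new SAMLSignatureProfileValidator().validate(signature);

        // Cryptographic check against the pinned certificate, never against
        // the KeyInfo embedded in the downloaded document itself.
        BasicX509Credential trusted = new BasicX509Credential();
        trusted.setEntityCertificate(trustedCert);
        new SignatureValidator(trusted).validate(signature); // throws ValidationException
        return root;
    }
}
```

The same check applies to the backup file the provider falls back to, since that copy is parsed through the same provider.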



