Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] XACML providers not correctly registered by DefaultBootstrap?

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] XACML providers not correctly registered by DefaultBootstrap?


Chronological Thread 
  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] XACML providers not correctly registered by DefaultBootstrap?
  • Date: Tue, 29 Apr 2008 17:47:03 -0400



Kenny Pearce wrote:
I've done some further research, and if you look at the
XACMLPolicyStatementImplBuilder source, it is setting the element and
type qnames to those for the ordinary <Statement> element, which is why
the factories can't find it. This is a bug, right?


I don't think it's necessarily a bug. The issue, as I pointed out in my previous message, is that even though XACML defines the XMLPolicyStatement element, and so you want to be able to support it in the impl, you also would not be using that in the typical SAML use case, where the policy statement is encapsulated inside an Assertion. In that case you have to use that content model as <saml:Statement xsi:type="xacml-saml:XACMLPolicyStatementType" />. So the builder has to support both, making the "default" building behavior of buildObject() less useful. Actually since the XACMLPolicyStatmentType doesn't override TYPE_NAME and so the builder gets saml:StatementAbstractType, along with an element name of saml:Statement, that makes it in fact pretty useless as it currently stands. Perhaps it should pick one approach or the other...

You want to use one of the builder's buildObject() variants that takes parameters - maybe buildObject(QName, QName) - to build the right form that you need. See the additional TYPE_* and DEFAULT_ELEMENT_* constants defined in the XACMLPolicyStatmentType interface.




Archive powered by MHonArc 2.6.16.

Top of Page