OpenSAML user discussion

[Brent Putman <>]

Kenny Pearce wrote:
> I've done some further research, and if you look at the
> XACMLPolicyStatementImplBuilder source, it is setting the element and
> type qnames to those for the ordinary <Statement> element, which is why
> the factories can't find it. This is a bug, right?
>
>   

I don't think it's necessarily a bug.  The issue, as I pointed out in my 
previous message, is that even though XACML defines the 
XMLPolicyStatement element, and so you want to be able to support it in 
the impl, you also would not be using that in the typical SAML use case, 
where the policy statement is encapsulated inside an Assertion.  In that 
case you have to use that content model as  <saml:Statement 
xsi:type="xacml-saml:XACMLPolicyStatementType" />.  So the builder has 
to support both, making the "default" building behavior of buildObject() 
less useful.  Actually since the XACMLPolicyStatmentType doesn't 
override TYPE_NAME and so the builder gets saml:StatementAbstractType, 
along with an element name of saml:Statement, that makes it in fact 
pretty useless as it currently stands. Perhaps it should pick one 
approach or the other...

You want to use one of the builder's buildObject() variants that takes 
parameters - maybe buildObject(QName, QName) - to build the right form 
that you need.  See the additional TYPE_* and  DEFAULT_ELEMENT_* 
constants defined in the XACMLPolicyStatmentType interface.