OpenSAML user discussion

[Paolo Selvini <>]

here is the code I use to read the file, sign it and write it back to disk:

// read the input file
File inputFile = new File(samlMessageFilename);
int size = ((int) inputFile.length());
byte[] fileBytes = new byte[size];
FileInputStream freader = new FileInputStream(inputFile);
freader.read(fileBytes, 0, size);
freader.close();

// unmarshall the string into a SignableSAMLObject
BasicParserPool parser = new BasicParserPool();
parser.setNamespaceAware(true);
Document docXml = parser.parse(new StringReader(new String(fileBytes)));
Element xmlObjectElement = docXml.getDocumentElement();
UnmarshallerFactory unmarshallerFactory = 
Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = 
unmarshallerFactory.getUnmarshaller(xmlObjectElement);
SignableSAMLObject samlObject = 
(SignableSAMLObject)unmarshaller.unmarshall(xmlObjectElement);

// build a signature object - the keyinfo structure contains the certificates 
in the given keystore
Signature signature = getSignature(keystore, keyname, keystorePassword);

// marshall the SignableSAMLObject, sign it and convert it into a string
samlObject.setSignature(signature);
Marshaller marshaller = 
Configuration.getMarshallerFactory().getMarshaller(samlObject);
Element newElement = marshaller.marshall(samlObject);
Signer.signObject(samlObject.getSignature());
String signedString = 
org.opensaml.xml.util.XMLHelper.nodeToString(newElement);

// write the string to file
FileOutputStream fos = new FileOutputStream(signedString);
fos.write(signedString.getBytes());
fos.flush();
fos.close();


----

I tried to verify with Oxygen and the metadata signed without accented chars 
verifies ok. The other, with accented "a" (à) does not verifiy.
Of course I am doing something wrong in the code above...






-----Original Message-----
From: Scott Cantor 
[mailto:]
Sent: venerdì 2 maggio 2008 19.02
To: 

Subject: RE: [OpenSAML] Verifying SAML signed metadata files

> However, if I use - for the value of such FriendlyName attribute -
> some accented chars (like à, è, ...) that are pretty common in the
> Italian language, the signature in the new signed file is no more verified.

How are you signing it? Can you verify it with Oxygen or some other tool?

-- Scott



Le informazioni contenute in questa comunicazione e negli allegati sono 
riservate; e' vietato a soggetti diversi dai destinatari qualsiasi uso, 
copia, diffusione di quanto in essi contenuto.
Se avete ricevuto questa copia per errore, vi preghiamo di distruggerla 
immediatamente ed informarci via e-mail.

Prima di stampare questa e-mail consideratene l'impatto sull'ambiente. Grazie 
per la collaborazione.


This e-mail and any attachment(s) are strictly confidential. This message 
must not be copied, disclosed or used by anybody other than the intended 
recipient(s).
If you are not the intended recipient, please inform the sender by e-mail and 
destroy this message immediately.

Please consider the environment before printing this e-mail. Thank you for 
your cooperation.