OpenSAML user discussion

[Chad La Joie <>]

Paolo Selvini wrote:
> I did some more tests with signature verification and encoding of metadata 
> files.
> As far as I could understand, I should use unicode and declare encoding ISO-8859-1 in 
> XML files with "added-latin" charset, that is when I use chars like è,é,à etc.
>
> The only problem now is that when I marshall the signed SAML object 
> (metadata) with
>
>         Element newElement = marshaller.marshall(samlObject);
>         String signedString = 
> org.opensaml.xml.util.XMLHelper.nodeToString(newElement);
>
> the output string does have a UTF-8 encoding declared at the top. After 
> writing it to a file with FileOutputStream, the actual file encoding is 
> preserved as ISO-8859-1, so any attempt to unmarshall it back for signature 
> verification fails as an incorrect encoding is declared.
> However, if I manually replace the <?xml version="1.0" encoding="UTF-8"?> with the more correct 
> <?xml version="1.0" encoding="ISO-8859-1"?>, unmarshall, validation and verification are ok, both by my 
> code with OpenSAML and by tools like Oxygen.

You should use the XMLHelper.writeNode(Node, Writer) method.  The one 
that creates a String is really only meant for things like getting the 
string to write out to a log message.

> Is UTF-8 the default encoding used by OpenSAML? Isn't there any way to have 
> OpenSAML declare the right encoding when marshalling DOM elements?

There is no "right" encoding when marshalling.  It's only when you 
serialize the DOM that encoding matters (in Java at least since all 
Strings are UTF-16, always).

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
 http://www.switch.ch