
mace-opensaml-users - RE: [OpenSAML] Verifying SAML signed metadata files

Subject: OpenSAML user discussion

  • From: Paolo Selvini <>
  • To: "" <>
  • Subject: RE: [OpenSAML] Verifying SAML signed metadata files
  • Date: Mon, 5 May 2008 18:31:04 +0200
  • Accept-language: it-IT, en-US

Thanks Chad. Now I am using the writeNode method of XMLHelper. I prepared a
PrintWriter to output to a file and specified the ISO-8859-1 encoding.
However the XML header still reads

<?xml version="1.0" encoding="UTF-8"?>

instead of

<?xml version="1.0" encoding="ISO-8859-1"?>

as it is in the original unsigned file.
This is something that happens even without signing: simply read a SAML file
and write it back to disk as is:


// parse the XML file with encoding header ISO-8859-1
BasicParserPool parser = new BasicParserPool();
parser.setNamespaceAware(true);
Document docXml = parser.parse(new InputStreamReader(new FileInputStream(inputFilename), "ISO-8859-1"));
Element xmlObjectElement = docXml.getDocumentElement();

// unmarshall the parsed DOM into an XMLObject
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(xmlObjectElement);
XMLObject samlObject = (XMLObject) unmarshaller.unmarshall(xmlObjectElement);

// marshall the object back to DOM
MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory();
Marshaller marshaller = marshallerFactory.getMarshaller(samlObject);
Element newElement = marshaller.marshall(samlObject);

// write DOM to file using specified encoding
PrintWriter printWriter = new PrintWriter(outputFilename, "ISO-8859-1");
XMLHelper.writeNode(newElement, printWriter);
printWriter.flush();
printWriter.close();

The output file has the XML header changed to UTF-8. The same happens if I
use an OutputStreamWriter connected to a FileOutputStream instead of a
PrintWriter.

Paolo





-----Original Message-----
From: Chad La Joie
Sent: Monday 5 May 2008 15.14
Subject: Re: [OpenSAML] Verifying SAML signed metadata files


Paolo Selvini wrote:
> I did some more tests with signature verification and encoding of metadata
> files.
> As far as I could understand, I should use unicode and declare encoding
> ISO-8859-1 in XML files with "added-latin" charset, that is when I use
> chars like è,é,à etc.
>
> The only problem now is that when I marshall the signed SAML object
> (metadata) with
>
> Element newElement = marshaller.marshall(samlObject);
> String signedString =
> org.opensaml.xml.util.XMLHelper.nodeToString(newElement);
>
> the output string does have a UTF-8 encoding declared at the top. After
> writing it to a file with FileOutputStream, the actual file encoding is
> preserved as ISO-8859-1, so any attempt to unmarshall it back for signature
> verification fails as an incorrect encoding is declared.
> However, if I manually replace the <?xml version="1.0" encoding="UTF-8"?>
> with the more correct <?xml version="1.0" encoding="ISO-8859-1"?>,
> unmarshall, validation and verification are ok, both by my code with
> OpenSAML and by tools like Oxygen.

You should use the XMLHelper.writeNode(Node, Writer) method. The one that
creates a String is really only meant for things like getting the string to
write out to a log message.

> Is UTF-8 the default encoding used by OpenSAML? Isn't there any way to have
> OpenSAML declare the right encoding when marshalling DOM elements?

There is no "right" encoding when marshalling. It's only when you serialize
the DOM that encoding matters (in Java at least since all Strings are UTF-16,
always).

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security Werdstrasse 2, P.O. Box, 8021
Zürich, Switzerland phone +41 44 268 15 75, fax +41 44 268 15 68
http://www.switch.ch



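Added example, not part of the thread and not OpenSAML code: one way to keep the XML declaration and the actual byte encoding in agreement is to serialize the DOM with the JDK's JAXP Transformer into an OutputStream, so the serializer controls both. The class name, the urn:example:md namespace and the sample document are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

public class EncodingRoundTrip {

    // Serialize a DOM node so the XML declaration and the bytes use the same encoding.
    static byte[] serialize(Node node, String encoding) throws Exception {
        Transformer t = TransformerFactory.newInstance().newTransformer();
        t.setOutputProperty(OutputKeys.ENCODING, encoding);
        // No INDENT: whitespace added after signing would change the signed content.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        // An OutputStream (not a Writer) lets the serializer choose the byte encoding itself.
        t.transform(new DOMSource(node), new StreamResult(out));
        return out.toByteArray();
    }

    static Document parse(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Metadata files have no need for a DOCTYPE; refusing it blocks XXE.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Pass bytes, not a Reader, so the parser honours the declared encoding.
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a Latin-1 document containing the character à.
        byte[] input = ("<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>"
                + "<Organization xmlns=\"urn:example:md\">Universit\u00e0</Organization>")
                .getBytes(StandardCharsets.ISO_8859_1);
        Document doc = parse(input);
        byte[] output = serialize(doc.getDocumentElement(), "ISO-8859-1");
        System.out.println(new String(output, StandardCharsets.ISO_8859_1));
        // Re-parsing the written bytes yields the same character data.
        Document again = parse(output);
        System.out.println(again.getDocumentElement().getTextContent()
                .equals(doc.getDocumentElement().getTextContent()));
    }
}
```

If the StreamResult wraps a Writer instead, the ENCODING property only changes the declaration while the Writer decides the bytes, which reproduces the kind of mismatch described in the thread.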
