Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] Marshalling a SAML Response containing an XACMLAuthzDecisionStatementType

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] Marshalling a SAML Response containing an XACMLAuthzDecisionStatementType


Chronological Thread 
  • From: Christina Cunningham <>
  • To:
  • Subject: Re: [OpenSAML] Marshalling a SAML Response containing an XACMLAuthzDecisionStatementType
  • Date: Fri, 30 May 2008 10:06:27 +0100
Hi Hakon,

Following the examples of building objects elsewhere in the SAML code, I had built the XACMLAuthzDecisionStatementType previously as follows:

<code>
XACMLAuthzDecisionStatementTypeImplBuilder statementBuilder = (XACMLAuthzDecisionStatementTypeImplBuilder)
builderFactory.getBuilder(XACMLAuthzDecisionStatementType.DEFAULT_ELEMENT_NAME_XACML20);

XACMLAuthzDecisionStatementType decisionType = statementBuilder.buildObject(SAMLProfileConstants.SAML20XACML20P_NS,
XACMLAuthzDecisionStatementType.DEFAULT_ELEMENT_LOCAL_NAME,
SAMLProfileConstants.SAML20XACMLPROTOCOL_PREFIX);
</code>


Your code had the XACMLAuthzDecisionStatementType built as follows:

<code>
XACMLAuthzDecisionStatementTypeImplBuilder statementBuilder = (XACMLAuthzDecisionStatementTypeImplBuilder)
builderFactory.getBuilder(XACMLAuthzDecisionStatementType.TYPE_NAME_XACML20);

XACMLAuthzDecisionStatementType decisionType = statementBuilder
.buildObject(Statement.DEFAULT_ELEMENT_NAME, XACMLAuthzDecisionStatementType.TYPE_NAME_XACML20);
</code>

So, to put the XACMLAuthzDecisionStatementType inside the SAML response, I needed to build the object with a default element name of Statement. Changing these two lines, my code now works fine - I hadn't come across any code or xml examples of putting the XACMLAuthzDecisionStatement inside the SAML response so it hadn't occurred to me that I needed a Statement element of type XACMLAuthzDecisionStatement :o)

Thanks for your help,


Christina



Håkon Sagehaug wrote:
Hi Christina

I tried the same as you, but did bot get this error. I almost just copy/pasted you code into my test project. Have you tried to debug it to see on what line the error comes from?

here is a link to my test project. See in the class SampleProgram#statementXACMLAuthzDecision that makes the assertion and SampleProgram#marshallSAMLRepsonse.

http://www.bccs.uib.no/~hakont/SAMLXACMLExtension/files/SamplePackage_src.tar.gz <http://www.bccs.uib.no/%7Ehakont/SAMLXACMLExtension/files/SamplePackage_src.tar.gz>


How is your XACMLAuthzDecisionStatement made, could it be something wrong there?

cheers,. Håkon
2008/5/29 Christina Cunningham < <mailto:>>:

Hi,

When trying to marshall a saml (2.0) response containing an
assertion which has an XACMLAuthzDecisionStatement within it's
list of statements, I am getting a ClassCastException thrown.

I am assuming that because XACMLAuthzDecisionStatement extends
Statement this should be possible to do?

<code>
SAMLObjectBuilder<Response> builder =
(SAMLObjectBuilder<Response>) builderFactory
.getBuilder(Response.DEFAULT_ELEMENT_NAME);
Response response = builder.buildObject();
response.setVersion(SAMLVersion.VERSION_20);
Assertion assertion = getAssertion(issueInstant, responseSubject);
XACMLAuthzDecisionStatementType decision =
getXACMLAuthzDecisionStatementType();
assertion.getStatements().add(decision); response.getAssertions().add(assertion);

MarshallerFactory marshallerFactory =
Configuration.getMarshallerFactory();
Marshaller marshaller = marshallerFactory.getMarshaller(response);
Element subjectElement = marshaller.marshall(response);
</code>

<stacktrace>
java.lang.ClassCastException:
org.opensaml.xacml.profile.saml.impl.XACMLAuthzDecisionStatementTypeImpl
cannot be cast to org.opensaml.xml.schema.XSAnynull
at

org.opensaml.xml.schema.impl.XSAnyMarshaller.marshallAttributes(XSAnyMarshaller.java:39)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallInto(AbstractXMLObjectMarshaller.java:225)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:178)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallChildElements(AbstractXMLObjectMarshaller.java:319)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallInto(AbstractXMLObjectMarshaller.java:227)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:178)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallChildElements(AbstractXMLObjectMarshaller.java:319)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshallInto(AbstractXMLObjectMarshaller.java:227)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:133)
at

org.opensaml.xml.io.AbstractXMLObjectMarshaller.marshall(AbstractXMLObjectMarshaller.java:89)
at

com.<>.security.saml.SamlResponseHelper.marshallResponseToString(SamlResponseHelper.java:144)
at

com.<>.security.saml.SamlResponseHelper.buildResponseString(SamlResponseHelper.java:98)
at

com.<>.security.signon.client.TestSamlResponseHelper.<init>(TestSamlResponseHelper.java:50)
at

com.<>.security.signon.client.TestSamlResponseHelper.main(TestSamlResponseHelper.java:64)
Exception in thread "main" java.lang.NullPointerException
</stacktrace>


Thanks,

Christina

-- Christina Cunningham
Software Engineer
Belfast eScience Centre (BeSC)
Queen's University, Belfast
e: c.cunningham [at] besc.ac.uk <http://besc.ac.uk>
w: www.besc.ac.uk <http://www.besc.ac.uk>




--
Håkon Sagehaug, Software Developer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)

--
Christina Cunningham
Software Engineer
Belfast eScience Centre (BeSC)
Queen's University, Belfast
e: c.cunningham [at] besc.ac.uk
w: www.besc.ac.uk


Archive powered by MHonArc 2.6.16.

Top of Page