OpenSAML user discussion

["Håkon Sagehaug" <>]

Hi

See inline

2008/5/30 Rachana Ananthakrishnan <>:

I am having issues with extracting AttributeValue from XACMLAuthzQuery using
OpenSAML 2.1. The getAttributeValue() on ResourceType, SubjectType and
ActionType retutns an empty list. The DOM element looks accurate. I
construct the object using:

// Construct XACMLAuthorizationDecisionQuery from Element
       UnmarshallerFactory marshallerFactory =
               org.opensaml.xml.Configuration.getUnmarshallerFactory();
       Unmarshaller requestUnmarshaller =

marshallerFactory.getUnmarshaller(XACMLAuthzDecisionQueryType.
                       DEFAULT_ELEMENT_NAME_XACML20);
       XACMLAuthzDecisionQueryType queryRequest = null;
       try {
           queryRequest = (XACMLAuthzDecisionQueryType)requestUnmarshaller.
                   unmarshall(queryElement);
       } catch (UnmarshallingException e) {
           e.printStackTrace();
           throw new RemoteException(e.getMessage());
       }

The code snippet that parses resource:

// Parse the request
       List resources = request.getResources();
       System.out.println("Resource list size: " + resources.size());
       Iterator resIter = resources.iterator();
       while (resIter.hasNext()) {
           ResourceType resourceType = (ResourceType)resIter.next();
           System.out.println("Resource:" +
                   XmlUtils.toString(resourceType.getDOM()));
           Iterator resValue = resourceType.getAttributes().iterator();
           System.out.println("Resource Attribute size: " +
                   resourceType.getAttributes().size());
           while (resValue.hasNext()) {
               AttributeType attrType = (AttributeType)resValue.next();
               System.out.println("Resource Attribute value size: " +
                       attrType.getAttributeValues().size());
           }
       }

Resource list size: 1 Resource:<xacml-context:Resource
xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"><xacml-
context:Attribute AttributeId="http://www.globus.org/xacml/service-endpoint"
DataType="http://www.w3.org/2001/XMLSchema#string"
Issuer="issuer"><saml:AttributeValue
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">https://192.168.1.100:8443/wsrf/services/SecureCounterS
ervice</saml:AttributeValue>

 

Here you have a SAML Attribute value, should it not be a xacml attribute  value, something like this

<xacml-context:Resource>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string">
              <xacml-context:AttributeValue>http://bccs.uib.no/</xacml-context:AttributeValue></xacml-context:Attribute>
           </xacml-context:Resource>

cheers Håkon

</xacml-context:Attribute><xacml-context:Attribu

te AttributeId="urn:globus:4.0:container:service-name"
DataType="http://www.w3.org/2001/XMLSchema#string"
Issuer="Issuer"><saml:AttributeValue
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">https://192.168.1.100:8443/wsrf/services/SecureCounterS
ervice</saml:AttributeValue></xacml-context:Attribute></xacml-context:Resour
ce>
Resource Attribute size: 2
Resource Attribute value size: 0

Similar issue with Subject and Action.

The query is constructed on a remote client and sent to the service. The
message looks accurate on the wire and the above snippets and code is local
parsing.

Any ideas? What am I missing?

Thanks,
Rachana

-- 
Håkon Sagehaug, Software Developer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)