mace-opensaml-users - Re: [OpenSAML] Assertion object does not return statements
Subject: OpenSAML user discussion
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [OpenSAML] Assertion object does not return statements
- Date: Wed, 23 Jul 2008 18:35:25 +0200
- Openpgp: id=146B2514
- Organization: SWITCH
I just tested this with the latest code and it works fine with me. If you are using old code and are not loading the XACML extension then the library is just going to ignore those extensions, which I would guess is what is happening.
Rachana Ananthakrishnan wrote:
We are testing interoperability between a C implementation of XACML SAML
profile and a Java one that uses OpenSAML. A response generated by C code
(attached is SOAP message and Response element), with
XACMLAutzDecisionStatementType, when parsed using OpenSAML library creates a
Assertion object with no statements.
With the following code to validate the assertion:
Assertion assertion = (Assertion) assertionsIter.next();
logger.debug("assertion being looked at is \n" +
XmlUtils.toString(assertion.getDOM()));
List authzDecisionStmtList = assertion.getStatements();
if ((authzDecisionStmtList == null) ||
(authzDecisionStmtList.size() < 1)) {
logger.debug("This assertion does not have any XACML Authz "
+ "Decision Statement Type");
continue;
}
The assertion snippet looks like this:
<saml:Assertion IssueInstant="2008-07-21T18:22:25Z"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:type="saml:AssertionType"><saml:Issuer
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
xsi:type="saml:NameIDType"/><saml:Statement
xsi:type="XACMLassertion:XACMLAuthzDecisionStatementType"><XACMLcontext:Resp
onse xmlns:XACMLcontext="urn:oasis:names:tc:xacml:2.0:context:schema:os"
xsi:type="XACMLcontext:ResponseType"><XACMLcontext:Result
xsi:type="XACMLcontext:ResultType"><XACMLcontext:Decision>Permit</XACMLconte
xt:Decision><XACMLcontext:Status
xsi:type="XACMLcontext:StatusType"><XACMLcontext:StatusCode
Value="urn:oasis:names:tc:xacml:1.0:status:ok"
xsi:type="XACMLcontext:StatusCodeType"/></XACMLcontext:Status></XACMLcontext
:Result></XACMLcontext:Response></saml:Statement></saml:Assertion>
But the above error is triggered and the assertion does not have any
statements.
Any ideas on what the issue is? How I can get further logging information
from OpenSAML to understand issue with the Assertion object creation?
Thanks,
Rachana
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch
- Assertion object does not return statements, Rachana Ananthakrishnan, 07/23/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/23/2008
- RE: [OpenSAML] Assertion object does not return statements, Rachana Ananthakrishnan, 07/23/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/23/2008
- RE: [OpenSAML] Assertion object does not return statements, Rachana Ananthakrishnan, 07/24/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/25/2008
- RE: [OpenSAML] Assertion object does not return statements, Scott Cantor, 07/25/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/25/2008
- RE: [OpenSAML] Assertion object does not return statements, Rachana Ananthakrishnan, 07/24/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/23/2008
- RE: [OpenSAML] Assertion object does not return statements, Rachana Ananthakrishnan, 07/23/2008
- Re: [OpenSAML] Assertion object does not return statements, Chad La Joie, 07/23/2008
Archive powered by MHonArc 2.6.16.