mace-opensaml-users - Re: [OpenSAML] HTTPRedirectDeflateEncoder/Decoder
Subject: OpenSAML user discussion
List archive
- From: Brent Putman <>
- To:
- Subject: Re: [OpenSAML] HTTPRedirectDeflateEncoder/Decoder
- Date: Wed, 27 Aug 2008 18:45:46 -0400
|
tedzo wrote:
Yes, that's right, except that the encode/decode and deflate processes operate on a SAMLObject representing the SAML message in question, not a "saml string".
Right, the unit of operation here is a MessageContext (actually a SAMLMessageContext subclass), which holds various pieces of information that are inputs to the encoding/decoding process (all decoders/encoders, not just this one). You create the type of context you want. This could be a context subclass specifically for a particular profile, the idea being that your profile handler class instantiates that specific type of context and this then serves as the unit of profile processing. But if you don't have things coded that way, there is a BasicSAMLMessageContext in java-opensaml2 you can use. Take a look at the unit tests for those 2 encoder and decoder classes, and you should get a sense of what you need to minimally set on the MessageContext to use this encoder/decoder pair. Those are in like-named packages under the src/test/java tree in SVN. For the encoder basically an oubound SAML message (obviously), a peer entity Endpoint, and the outbound Transport, which will almost certainly just be adapter around your HttpServletResponse. Optionally also a signing Credential, if you want the message signed under the rules for that encoder. For the decoder, input is just the inbound message transport, which will be an adapter around your HttpServletRequest. Then after calling decode, various data elements on the context will be decoded and populated. --Brent |
- HTTPRedirectDeflateEncoder/Decoder, tedzo, 08/27/2008
- Re: [OpenSAML] HTTPRedirectDeflateEncoder/Decoder, Brent Putman, 08/27/2008
Archive powered by MHonArc 2.6.16.