mace-opensaml-users - Re: [OpenSAML] XML signature issue(s)
Subject: OpenSAML user discussion
List archive
- From: Brent Putman <>
- To:
- Cc:
- Subject: Re: [OpenSAML] XML signature issue(s)
- Date: Wed, 10 Sep 2008 16:44:18 -0400
No, this not the proper way to accomplish this in OpenSAML. The
correct way is to get a ds:Reference into the ds:Signature is by adding
a ContentReference object to the Signature object. You should not be
manipulating the XMLSignature object directly. Ideally, we wouldn't
even expose that via a public method, but it is unfortunately necessary
on SignatureImpl because of the way the Signer and SignatureValidator's
currently work. This does bring up an issue for Hubert, however. You don't have to manually add a SAMLContentReference to things which are subclasses of AbstractSignableSAMLObject (note SAML not XML). This is done for you as a convenience, since SAML is constrained as to the Reference that is allowed. However, for general signing purposes (e.g. your EPR class), you do need to do this prior to marshalling your Signature. Create an appropriate instance of ContentReference and add to the list exposed by Signature#getContentReferences(). There's a couple of subclasses of ContentReference impls available for generic URI's and same-document fragment via ID's. --Brent wrote:
|
- XML signature issue(s), Hubert Le Van Gong, 09/10/2008
- Re: [OpenSAML] XML signature issue(s), edward . thompson, 09/10/2008
- Re: [OpenSAML] XML signature issue(s), Hubert Le Van Gong, 09/10/2008
- Re: [OpenSAML] XML signature issue(s), Brent Putman, 09/10/2008
- Re: [OpenSAML] XML signature issue(s), Brent Putman, 09/10/2008
- Re: [OpenSAML] XML signature issue(s), Hubert Le Van Gong, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), Brent Putman, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), Hubert Le Van Gong, 09/11/2008
- RE: [OpenSAML] XML signature issue(s), Scott Cantor, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), Hubert Le Van Gong, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), Brent Putman, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), Hubert Le Van Gong, 09/11/2008
- Re: [OpenSAML] XML signature issue(s), edward . thompson, 09/10/2008
Archive powered by MHonArc 2.6.16.