mace-opensaml-users - Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it
Subject: OpenSAML user discussion
List archive
Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it
Chronological Thread
- From: Jay Packard <>
- To:
- Subject: Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it
- Date: Mon, 29 Sep 2008 15:04:38 -0400
Thanks. When will 2.2 be released?
Now that I know you have a public bug tracking system named Jira, I'll do a search there before asking a question. I guess I missed the internet 2 opensaml/xacml bug tracking tutorial, if there is one. I was just told to ask opensaml questions to this list.
Jay
On Sep 29, 2008, at 2:44 PM, Chad La Joie wrote:
It was a bug that was fixed. Which you could have found by typing
"DataType" in to Jira.
Jay Packard wrote:
The attribute data type does not seem to be part of the xml in the
response even though I have set it:
AttributeAssignmentTypeImplBuilder attributeAssignmentBuilder =
(AttributeAssignmentTypeImplBuilder )builderFactory .getBuilder(AttributeAssignmentType.DEFAULT_ELEMENT_NAME);
attributeAssignment = attributeAssignmentBuilder.buildObject();
attributeAssignment.setAttributeId("http://authz-interop.org/xacml/attribute/username ");
attributeAssignment.setDataType("http://www.w3.org/2001/XMLSchema#string ");
attributeAssignment.setValue(account);
...
ObligationTypeImplBuilder obligationBuilder =
(ObligationTypeImplBuilder )builderFactory.getBuilder(ObligationType.DEFAULT_ELEMENT_QNAME);
ObligationType obligation = obligationBuilder.buildObject();
obligation.setFulfillOn(EffectType.Permit);
obligation.setObligationId("http://authz-interop.org/xacml/obligation/username ");
if (attributeAssignment != null)
obligation.getAttributeAssignments().add(attributeAssignment);
...
queryRequest =
(XACMLAuthzDecisionQueryType )requestUnmarshaller.unmarshall(queryElement);
logger.debug("XACMLAuthzDecisionQueryType object received:
"+XMLUtils.ElementToString(queryRequest.getDOM()));
and get the following log:
Response object returned: <samlp:Response
InResponseTo="_b646694f56a232e2add9048cc62a0dba" Version="2.0"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Assertion
Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Statement
xmlns:xacml-saml="urn:oasis:names:tc:xacml:2.0:profile:saml2.0:v2:schema:assertion "
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xacml-saml:XACMLAuthzDecisionStatementType"><xacml- context:Request
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Subject
SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject "
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Attribute
AttributeId="http://authz-interop.org/xacml/subject/subject-x509-id"
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:AttributeValue>/DC=org/ DC=doegrids/OU=People/CN=Ted
Hesselroth
898520</xacml-context:AttributeValue></xacml- context:Attribute><xacml-context:Attribute
AttributeId="http://authz-interop.org/xacml/subject/voms-fqan"
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:AttributeValue>/cms/uscms/ Role=cmsuser/Capability=NULL</xacml-context:AttributeValue></xacml- context:Attribute></xacml-context:Subject><xacml-context:Resource
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Attribute
AttributeId="http://authz-interop.org/xacml/resource/dns-host-name"
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml- context:AttributeValue>camp5.townhouse</xacml- context:AttributeValue></xacml-context:Attribute><xacml- context:Attribute
AttributeId="http://authz-interop.org/xacml/resource/resource-x509- id"
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:AttributeValue>/DC=org/ DC=doegrids/OU=Services/CN=cascade.fnal.gov</xacml- context:AttributeValue></xacml-context:Attribute></xacml- context:Resource><xacml-context:Action
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Attribute
AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:AttributeValue>http://authz-interop.org/xacml/action/action-type/access </xacml-context:AttributeValue></xacml-context:Attribute></xacml- context:Action><xacml-context:Environment
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Attribute
AttributeId="http://authz-interop.org/xacml/environment/pep-oblig-supported "
DataType="http://www.w3.org/2001/XMLSchema#string"
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:AttributeValue>http://authz-interop.org/xacml/obligation/username </xacml-context:AttributeValue><xacml-context:AttributeValue>http://authz-interop.org/xacml/attribute/posix-uid </xacml-context:AttributeValue><xacml-context:AttributeValue>http://authz-interop.org/xacml/attribute/posix-gid </xacml-context:AttributeValue></xacml-context:Attribute></xacml- context:Environment></xacml-context:Request><xacml-context:Response
xmlns:xacml-context="urn:oasis:names:tc:xacml: 2.0:context:schema:os"><xacml-context:Result><xacml- context:Decision>Permit</xacml-context:Decision><xacml- context:Status><xacml-context:StatusCode
Value="http://oasis/names/tc/xacml/1.0/status/ok"/></xacml- context:Status><xacml:Obligations
xmlns:xacml="urn:oasis:names:tc:xacml: 2.0:policy:schema:os"><xacml:Obligation
FulfillOn="Permit"
ObligationId="http://authz-interop.org/xacml/obligation/ username"><xacml:AttributeAssignment
AttributeId="http://authz-interop.org/xacml/attribute/ username">testAccount</xacml:AttributeAssignment></ xacml:Obligation></xacml:Obligations></xacml-context:Result></xacml- context:Response></saml:Statement></saml:Assertion></samlp:Response>
Any ideas?
Thanks,
Jay Packard
--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch
- The attribute data type does not seem to be part of the xml in the response even though I have set it, Jay Packard, 09/29/2008
- Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it, Chad La Joie, 09/29/2008
- Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it, Jay Packard, 09/29/2008
- Re: [OpenSAML] The attribute data type does not seem to be part of the xml in the response even though I have set it, Chad La Joie, 09/29/2008
Archive powered by MHonArc 2.6.16.