mace-opensaml-users - Re: [OpenSAML] Migrating to opensaml 2.2.0

Subject: OpenSAML user discussion

  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] Migrating to opensaml 2.2.0
  • Date: Mon, 27 Oct 2008 19:25:16 -0400



Pantvaidya, Vishwajit wrote:

 

> Your suggestion worked. OpenSAML seems to be able to deserialize the SAML
> response from the identifying party. Only - it is not able to find any
> subjects within the request. So my codeline "Subject subject =
> ((SubjectStatement)(assertion.getSubjectStatements().get(0))).getSubject();"
> is throwing exception.

If it's anything like my code, you'll have to access the
AuthenticationStatement collection.



Yes, the Java also works as Scott suggests. The getSubjectStatements() would only return actual elements named "SubjectStatement", allowed in SAML 1.1. You likely want either AuthenticationStatements or AttributeStatements specifically.

 

[Pantvaidya, Vishwajit] That’s what I thought it should be. But I just went with the pseudocode given at https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManualPsedocodeSP. Maybe once I am done, I should post a corrected version of the above pseudocode?

 


Feel free, but I don't actually see that code (which was contributed by someone else) doing that.  In fact, that example is for a SAML 2 SP, not SAML 1 like you're doing, and one of the major ways that SAML 1 and 2 differ is placement of the Subject - SAML 1 was per-Statement and SAML 2 is per-Assertion.


 

> Is there any way I can serialize the Response object from opensaml just to
> get an xml dump and verify that everything is fine?

Marshalling gives you a DOM. Serialization is up to you, and there are
helper functions somewhere in there to do it.

 

[Pantvaidya, Vishwajit] Thanks, I will try this out.


Also, in addition to doing it manually with marshall and serialize calls: the encoders and decoders write all incoming and outgoing messages to a special logging category "PROTOCOL_MESSAGE" on level DEBUG. So if you just configure your logging impl appropriately for that category and level, you should see it in your logs.
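
An added example, not code from this thread or from the OpenSAML project: with OpenSAML 2.x and a SAML 1.1 assertion, read the Subject from the typed statement lists and dump the marshalled DOM as text. The sample assertion, the class name and the `subjectsOf` helper are constructed here, and the code does no signature or conditions validation.

```java
import java.io.ByteArrayInputStream;
import java.util.ArrayList;
import java.util.List;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml1.core.Assertion;
import org.opensaml.saml1.core.Subject;
import org.opensaml.saml1.core.SubjectStatement;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Element;

public class Saml1SubjectDump {
    // Constructed, unsigned SAML 1.1 assertion (sample values only).
    static final String SAMPLE =
        "<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' AssertionID='_a1'"
      + " Issuer='https://idp.example.org' MajorVersion='1' MinorVersion='1'"
      + " IssueInstant='2008-10-27T23:00:00Z'>"
      + "<saml:AuthenticationStatement AuthenticationInstant='2008-10-27T23:00:00Z'"
      + " AuthenticationMethod='urn:oasis:names:tc:SAML:1.0:am:password'>"
      + "<saml:Subject><saml:NameIdentifier>alice</saml:NameIdentifier></saml:Subject>"
      + "</saml:AuthenticationStatement></saml:Assertion>";

    // SAML 1: the Subject sits inside each statement, so collect it from the typed
    // lists; getSubjectStatements() matches only literal <SubjectStatement> elements.
    static List<Subject> subjectsOf(Assertion assertion) {
        List<SubjectStatement> statements = new ArrayList<SubjectStatement>();
        statements.addAll(assertion.getAuthenticationStatements());
        statements.addAll(assertion.getAttributeStatements());
        List<Subject> subjects = new ArrayList<Subject>();
        for (SubjectStatement s : statements) {
            if (s.getSubject() != null) subjects.add(s.getSubject());
        }
        return subjects;
    }

    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap();                 // registers (un)marshallers
        BasicParserPool pool = new BasicParserPool();
        pool.setNamespaceAware(true);
        Element root = pool.parse(new ByteArrayInputStream(SAMPLE.getBytes("UTF-8")))
                .getDocumentElement();
        Assertion assertion = (Assertion) Configuration.getUnmarshallerFactory()
                .getUnmarshaller(root).unmarshall(root);
        for (Subject s : subjectsOf(assertion)) {
            System.out.println(s.getNameIdentifier().getNameIdentifier());
        }
        // Marshalling yields a DOM element; XMLHelper serializes it for inspection.
        Element dom = Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
        System.out.println(XMLHelper.nodeToString(dom));
    }
}
```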





